Git Happens

端口扫描

root@ip-10-10-85-216:~# nmap -sT -p- --min-rate 1000 10.10.119.199 

Starting Nmap 7.60 ( https://nmap.org ) at 2023-08-21 16:44 BST
Nmap scan report for ip-10-10-119-199.eu-west-1.compute.internal (10.10.119.199)
Host is up (0.035s latency).
Not shown: 65534 closed ports
PORT   STATE SERVICE
80/tcp open  http
MAC Address: 02:9C:75:54:17:8F (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 9.33 seconds

80 - HTTP

根据题目我们知道这是查看 Git 泄露的我们下载对应的工具进行 dvcs-ripper 进行下载源码即可

root@ip-10-10-85-216:~/git# ./rip-git.pl  -v -u  http://10.10.119.199/.git/
[i] Downloading git files from http://10.10.119.199/.git/
[i] Auto-detecting 404 as 200 with 3 requests
[i] Getting correct 404 responses
[i] Using session name: FgQAfNPs
[!] Not found for COMMIT_EDITMSG: 404 Not Found
[d] found config
[d] found description
[d] found HEAD
[d] found index
[d] found packed-refs
[!] Not found for objects/info/alternates: 404 Not Found
[!] Not found for info/grafts: 404 Not Found
[d] found logs/HEAD
......
[i] Got items with git fsck: 0, Items fetched: 0
[!] No more items to fetch. That's it!
root@ip-10-10-85-216:~/git# ls
css  dashboard.html  default.conf  Dockerfile  index.html  README.md  rip-git.pl

使用 gitk 工具进行查看