A presentation at Null Meet Bangalore Chapter in August 2015 in Bengaluru, Karnataka, India by Anant Shrivastava
EXPLOITING VERSION CONTROL SYSTEMS: PILLAGING FOR FUN AND PROFIT
BY ANANT SHRIVASTAVA
ANANT SHRIVASTAVA
Information Security Consultant
Admin - Dev - Security
null + OWASP + G4H
http://anantshri.info and @anantshri
Trainer: Blackhat USA, NullCon, g0s, c0c0n, RootConf
Speaker: Nullcon, c0c0n, ClubHack, RootConf
WHAT IS VCS
Version Control System
The hip / developers' way of deploying code
Supports auto-deployment on commit
WHY EXPLOIT
Coz it's fun
It's like a golden ticket
Auto-deployment, if available, makes it more hip.
VCS 101 Type
PREDICTABLE FILES
.git/HEAD
.hg/requires
.bzr/README
ROBOTS.TXT OF VCS
.gitignore
TOOLS
1. SVN-extractor (only SVN) (on top coz I wrote it)
2. DVCS-pillage (lacks SVN support)
3. dvcs-ripper (alternative implementation, covers SVN too)
NOTE: ALL DEMOs were prepared while in a sleep-deprived state.
DIRECTORY LISTING ENABLED
DIRECTORY LISTING DISABLED
PHEW DEMO DONE
QUICK CHECKS
The slide's one-liner, laid out as the runnable script it was meant to be (reads one host per line from the file given as the first argument and reports the HTTP status of the SVN metadata paths):

    #!/bin/sh
    # Usage: ./quickcheck.sh hosts.txt
    while read -r p; do
      echo "Input: $p"
      echo "CHECK: SVN entries http"
      curl -I "http://$p/.svn/entries"
      echo "CHECK: SVN entries https"
      curl -k -I "https://$p/.svn/entries"
      echo "CHECK: SVN wcdb"
      curl -I "http://$p/.svn/wc.db"
      echo "CHECK: SVN wcdb https"
      curl -k -I "https://$p/.svn/wc.db"
    done < "$1"
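A complementary pre-deployment check, added here as an example and not part of the talk: instead of probing a live host, it walks a local web document root for the same predictable files (the talk's .git/HEAD, .hg/requires, .bzr/README, .svn/entries and .svn/wc.db) and exits non-zero when any is present, so a CI step or deploy hook refuses to ship a checkout into the web root. The function name find_exposed_vcs and the VCS_MARKERS list are my own names.

```shell
#!/bin/sh
# Added example (not from the talk). Marker paths are the "predictable files"
# and SVN quick-check paths from the slides.
VCS_MARKERS=".git/HEAD .hg/requires .bzr/README .svn/entries .svn/wc.db"

# find_exposed_vcs <docroot>
# Prints "EXPOSED: <relative path>" for every marker file found anywhere
# under docroot, then a one-line summary. Returns 0 when the tree is clean
# and 1 when at least one VCS metadata file would be served.
find_exposed_vcs() {
  docroot=$1
  total=0
  for marker in $VCS_MARKERS; do
    # A checkout may live in a subdirectory of the root (docroot/app/.git),
    # so match the marker at any depth rather than only at the top level.
    hits=$(find "$docroot" -path "*/$marker" -type f 2>/dev/null)
    [ -n "$hits" ] || continue
    printf '%s\n' "$hits" | sed "s|^$docroot/|EXPOSED: |"
    total=$((total + $(printf '%s\n' "$hits" | wc -l)))
  done
  echo "$total exposed VCS file(s) under $docroot"
  [ "$total" -eq 0 ]
}

# Run against the document root given on the command line, e.g. as a
# deploy hook: ./vcs_check.sh /var/www/html || exit 1
if [ -n "${1:-}" ]; then
  find_exposed_vcs "$1"
fi
```

The marker list deliberately contains only files the talk names; extend it with whatever your own VCS leaves behind.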
This demo / talk focused on exploiting publicly exposed version control systems.
Here’s what was said about this presentation on Twitter.
@anantshri talking on exploiting publicly available VCS files and tools used for it at @Nullblr August monthly meet pic.twitter.com/CmiIXANirF — Apoorva Giri (@cedricfanapoo), August 29, 2015
Kick ass demos by @anantshri on Exploiting Version Control Systems 😎 #Nullblr @OWASPBangalore @Nullblr @garage4hackers — Abhinav Sejpal (@AbhinavSejpal), August 29, 2015