File `http-git`

脚本使用类型: portrule
脚本所属分类: default, safe, vuln
脚本下载地址: http://nmap.org/svn/scripts/http-git.nse

User Summary

Checks for a Git repository found in a website's document root /.git/<something>) and retrieves as much repo information as possible, including language/framework, remotes, last commit message, and repository description.

Script Arguments

smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername

See the documentation for the smbauth library.

http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent

See the documentation for the http library.

Example Usage

执行格式

nmap -sV -sC <target>

Script Output

PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-git:
|   127.0.0.1:80/.git/
|     Git repository found!
|     .git/config matched patterns 'passw'
|     Repository description: Unnamed repository; edit this file 'description' to name the...
|     Remotes:
|       http://github.com/someuser/somerepo
|     Project type: Ruby on Rails web application (guessed from .git/info/exclude)
|   127.0.0.1:80/damagedrepository/.git/
|_    Potential Git repository found (found 2/6 expected files)

Requires

Author: Alex Weber

License: VER007 整理 http://www.ver007.com

File http-git