Hacker News new | ask | show | jobs
by seawlf 3096 days ago
This site has an exposed Git directory, so you can clone the whole thing. Funnily enough, it appears to be actually talking to a MySQL database. http://sharesolo.com/get_notes.php

Also, all of the credentials are there. I won't post them, but lordy, please close this before your database is wiped.
3 comments
wtsui 3096 days ago
Careless error. Removed, thank you.
link
tomcooks 3096 days ago
Bravo for pointing that out! Care to explain how you discovered this? Making such security mistakes is what my nightmares are made of
link
aw3c2 3096 days ago
Probably tried to access http://sharesolo.com/.git/ for the repo and looked at the network traffic to see the get_notes.php.
link
swyx 3095 days ago
good on you for pointing out the security hole. i'm still a newb when it comes to it.
link