Main » 2011 » Март » 16 » Were obtained by the source 3300 Global Internet Project
12:43
Were obtained by the source 3300 Global Internet Project
A couple of months ago we (2Tovarischa and Anton Isaikin) was discovered vulnerability of mostly large internet projects (like the Rambler, Mail, Yandex, Opera, etc.). Unable to access the file structure of known sites (a total of 3,320 sites) and in some cases, their full source code.

It would seem that in the XXI century it is difficult to find such a vulnerability. It seems that everything has already been found, and what is not found, sitting somewhere very very deep. It turned out that the root of evil today is quite casual thing. Surely every one of you ever had to deal with version control system SVN.

SVN is an advanced tool for organizing the joint development of dozens or even hundreds of developers. Because of the architecture, SVN is stored in each directory of the project their metafiles, neatly folded in the hidden directory .svn. In a file called entries is a list of all files and directories located in the same folder as the .svn. Also there is information about the location of the repository, file size, date of changes and user names of users working on the project. It is not bad, right? Explain, it turns out, if the project is developed using SVN, then glanced at draftcopy.ru / .svn / entries we'll see the file structure of the root of the project with the authors, the latest changes, a reference to the mainline repository, and so forth.

But we can go further. In the same folder .svn is director of the text-base, in which lie the latest versions of all files in the repository. Now completes the same way and that the files are not a standard extension (eg. Php), which allows them to immediately send to the interpreter, and an additional extension of .svn-base, by which the file is given to request a person "as is ", ie bare source code!

Draftcopy.ru / .svn / text-base / index.php.svn-base

It should be noted that the above picture is perfect and although she was so in most cases, though a large percentage of the source code can not get for whatever reason.

For the first time realized that discovered the vulnerability inherent in most projects of the past nine years, it was decided to completely scan ?oiao to see what live internet projects and get an interesting statistic. But before the story about how it was necessary to tell the gray admins how to defend against such ...

Views: 457 | Added by: w1zard | Rating: 0.0/0
Total comments: 0
Имя *:
Email *:
Код *: