File http-git
Script types:
portrule
Categories:
default, safe, vuln
Download: http://nmap.org/svn/scripts/http-git.nse
User Summary
Checks for a Git repository found in a website's document root /.git/<something>) and retrieves as much repo information as possible, including language/framework, remotes, last commit message, and repository description.
Script Arguments
smbdomain, smbhash, smbnoguest, smbpassword, smbtype, smbusername
See the documentation for the smbauth library.http.max-cache-size, http.max-pipeline, http.pipeline, http.useragent
See the documentation for the http library.Example Usage
nmap -sV -sC <target>
Script Output
PORT STATE SERVICE REASON 80/tcp open http syn-ack | http-git: | 127.0.0.1:80/.git/ | Git repository found! | .git/config matched patterns 'passw' | Repository description: Unnamed repository; edit this file 'description' to name the... | Remotes: | http://github.com/someuser/somerepo | Project type: Ruby on Rails web application (guessed from .git/info/exclude) | 127.0.0.1:80/damagedrepository/.git/ |_ Potential Git repository found (found 2/6 expected files)
Requires
Author: Alex Weber
License: Same as Nmap--See http://nmap.org/book/man-legal.html