Marial's Notes
  • Hello!
  • Pentesterlab Labs
    • Recon Badge
      • recon_00 (/robots.txt)
      • recon_01 (404 pages)
      • recon_02 (/.well-known/security.txt)
      • recon_03 (directory listing)
      • recon_04 (/admin)
      • recon_05 (wfuzz)
      • recon_06 (vhost)
      • recon_07 (vhost over TLS)
      • recon_08 (alt name)
      • recon_09 (header)
      • recon_10 (visual recon)
      • recon_11 (virtual host brute)
      • recon_12 (load balance)
      • recon_13 (TXT)
      • recon_14 (zone transfer)
      • recon_15 (int zone transfer)
      • recon_16 (bind version)
      • recon_17 (dev name)
      • recon_18 (public repos)
      • recon_19 (find email)
      • recon_20 (check branches 1)
      • recon_21 (check branches 2)
      • recon_22 (deleted file)
      • recon_23 (commit message)
      • recon_24 (assets)
      • recon_25 (S3)
      • recon_26 (JS)
  • TryHackMe Rooms
    • Basic Pentesting
    • EasyPeasy
    • Kenobi
    • Vulnversity
Powered by GitBook
On this page
  • OBJECTIVE
  • WHY?
  • SOLUTION

Was this helpful?

  1. Pentesterlab Labs
  2. Recon Badge

recon_19 (find email)

Previousrecon_18 (public repos)Nextrecon_20 (check branches 1)

Last updated 7 months ago

Was this helpful?

View the exercise here:

OBJECTIVE

For this challenge, your goal is to look at the repository repo7 and find an email address that is not like the other one.

WHY?

Developers often commit with the wrong email address and that may leak some information about personal accounts or internal systems.

SOLUTION

Open the repo7 of hackycorp then click the green Code button then copy the link of the repo.

In the terminal, type git clone https://github.com/hackycorp/repo7.git to copy the repo on our machine.

ls
cat README.md

To view the log history:

git log README.md

We’ll see the flag in the email address of Hacky Dev.

PentesterLab: Recon 19