ENUMERATION
First we will use nmap to scan the target ip to discover open ports
nmap -sC -sV -O <target ip>
As you can see the nmap scan found a “.git” repository, http://targetip:80/.git/
let’s use some tools to get all the data found in the repository.
here i downloaded a tool which will enable me to dump all the files to my machine
Now lets dump the data
> ./gitdumper.sh http://targetip/.git/ </output/path/>
Now lets extract the data from the git file we dumped on our machine
> ./extractor.sh <path to the dumped file> <output/path>
now navigate to the directory where your extracted data was saved
checkout the index.html file for every folder to find your flag.
thanks for reading, i hope you found your way to the flag!!.
REGARDS
NIRU IFEDINIRU OZIOMA