Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.
Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.
trufflesecurity.com Anyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.
You can access data from deleted forks, deleted repositories and even private repositories on GitHub. And it is available forever. This is known by GitHub, and intentionally designed that way.
cross-posted from: https://feddit.cl/post/3545817
tl;dr - Si un proyecto fue forkeado o es un fork, puedes hacerle bruteforce al short_commit_id y ver commits de otros forks. No importa si esos proyectos fueron eliminados o son privados.
0 comments