# Subversion (SVN) Server -Port 3690

{% tabs %}
{% tab title="Support VeryLazyTech 🎉" %}

* Become VeryLazyTech [**member**](https://shop.verylazytech.com/product-category/membership/)**! 🎁**
* **Follow** us on:
  * **✖ Twitter** [**@VeryLazyTech**](https://x.com/verylazytech)**.**
  * **👾 Github** [**@VeryLazyTech**](https://github.com/verylazytech)**.**
  * **📜 Medium** [**@VeryLazyTech**](https://medium.com/@verylazytech)**.**
  * **📺 YouTube** [**@VeryLazyTech**](https://www.youtube.com/@VeryLazyTechOfficial)**.**
  * **📩 Telegram** [**@VeryLazyTech**](https://t.me/+mSGyb008VL40MmVk)**.**
  * **🕵️‍♂️ My Site** [**@VeryLazyTech**](https://www.verylazytech.com/)**.**
* Visit our [**shop** ](https://shop.verylazytech.com/)for e-books and courses.  📚
  {% endtab %}
  {% endtabs %}

### **Basic info**

**Apache Subversion (SVN)** is a centralized version control system used to manage the current and historical state of files and directories.\
It is widely used in software development to track changes, maintain project history, and collaborate across teams.

If misconfigured or exposed to the internet without restrictions, an attacker can:

* Enumerate repository names.
* Download full project source code.
* Access sensitive files such as configuration files, credentials, and API keys.

***

### **Key Details**

* **Default Port:** `3690/tcp`
* **Service Name:** `svnserve`
* **License:** Apache License
* **Risk:** Source code leaks, sensitive data exposure.

***

### **Port Discovery**

Check if the port is open:

```bash
nmap -p 3690 <target>

PORT     STATE SERVICE
3690/tcp open  svnserve
```

***

### **Banner Grabbing**

You can connect directly to grab the banner:

```bash
nc -vn <target> 3690
```

This might reveal the SVN version and server info.

***

### **Enumeration**

#### **1. List Repository Contents**

```bash
svn ls svn://<target>
```

***

#### **2. View Commit History**

```bash
svn log svn://<target>
```

This can reveal usernames, commit messages, and possible hints about sensitive files.

***

#### **3. Checkout Entire Repository**

```bash
svn checkout svn://<target>
```

This downloads the full source code locally.

***

#### **4. Access Specific Revisions**

```bash
svn up -r <revision_number>
```

This switches the working directory to revision 2, allowing you to explore historical code.

***

{% hint style="success" %}
Learn & practice [**For the Bug Bounty**](https://shop.verylazytech.com)

<details>

<summary>Support VeryLazyTech 🎉</summary>

* Become VeryLazyTech [**member**](https://shop.verylazytech.com/product-category/membership/)**! 🎁**
* **Follow** us on:
  * **✖ Twitter** [**@VeryLazyTech**](https://x.com/verylazytech)**.**
  * **👾 Github** [**@VeryLazyTech**](https://github.com/verylazytech)**.**
  * **📜 Medium** [**@VeryLazyTech**](https://medium.com/@verylazytech)**.**
  * **📺 YouTube** [**@VeryLazyTech**](https://www.youtube.com/@VeryLazyTechOfficial)**.**
  * **📩 Telegram** [**@VeryLazyTech**](https://t.me/+mSGyb008VL40MmVk)**.**
  * **🕵️‍♂️ My Site** [**@VeryLazyTech**](https://www.verylazytech.com/)**.**
* Visit our [**shop** ](https://shop.verylazytech.com/)for e-books and courses.  📚

</details>
{% endhint %}