Subversion (SVN) Server -Port 3690
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic info
Apache Subversion (SVN) is a centralized version control system used to manage the current and historical state of files and directories. It is widely used in software development to track changes, maintain project history, and collaborate across teams.
If misconfigured or exposed to the internet without restrictions, an attacker can:
Enumerate repository names.
Download full project source code.
Access sensitive files such as configuration files, credentials, and API keys.
Key Details
Default Port:
3690/tcpService Name:
svnserveLicense: Apache License
Risk: Source code leaks, sensitive data exposure.
Port Discovery
Check if the port is open:
nmap -p 3690 <target>
PORT STATE SERVICE
3690/tcp open svnserveBanner Grabbing
You can connect directly to grab the banner:
nc -vn <target> 3690This might reveal the SVN version and server info.
Enumeration
1. List Repository Contents
svn ls svn://<target>2. View Commit History
svn log svn://<target>This can reveal usernames, commit messages, and possible hints about sensitive files.
3. Checkout Entire Repository
svn checkout svn://<target>This downloads the full source code locally.
4. Access Specific Revisions
svn up -r <revision_number>This switches the working directory to revision 2, allowing you to explore historical code.
Learn & practice For the Bug Bounty
Last updated
Was this helpful?