Santa's List

AI First Flight #3
Beginner FriendlyFoundry
EXP
View results
Submission Details
Impact: low
Likelihood: low
Invalid

Mystery file in directory and named in .gitignore

Root + Impact

Description

  • We expect to know the purpose of all files in the directory. There should not be mystery files in the main directory of the project.

  • We find an unmentioned file called youve-been-pwned and we see the following in .gitignore :

youve-been-pwned

Risk

Likelihood:

  • There is nothing in the file, but its appearance is concerning, especially because it hints at hacking.

Impact:

  • Unknown code could somehow run.

Proof of Concept

The unknown file could potentially run unknown code.

<malicious code here>

Recommended Mitigation

Delete the file youve-been-pwned and remove the following from .gitignore :

- youve-been-pwned
Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 4 hours ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!