Parsing SVN Entries Files with PowerShell
Frequently during external and web application penetration tests, we run into SVN entries files on web servers. These files are sometimes created as part of the SVN commit process and can lead to the disclosure of files (and source-code) that has been added to the web directory. This can be especially impactful for assessments, where there may be vulnerable pages (and/or configuration files) that are not clearly advertised from the main web site (i.e.: admin_backdoor.jsp or web.config).
The files are typically laid out in lists of files and directories followed by their type (dir, file) on the next line.
registry
dir
admin_login.jsp
file
Additionally, there may be source files accessible through the svn-base files (i.e.: /.svn/text-base/ExamplePage.jsp.svn-base). You can consider these files like backups of the originals that (hopefully) won’t execute on the server. Sometimes, the server sees these files with their original extension (.jsp) and you may have trouble getting at the source.
The entries files can typically be found in each directory that is used by SVN, as well as any subdirectories. So if a directory shows up in your entries list, it’s worth looking in that directory for another entries file. I got tired of manually going through each of these entries files, so I wrote a script to automate listing the files, source files, and directories into an HTML file. The script also goes into each identified directory to find more entries files to spider.
Script Usage:
SVNtoDIR https://somewebsite.com/DIR/.svn/entries SVNbaseDIR (optional)
Output:
The script will output a directory named after the directory that you’re starting in (i.e.: DIR), and in that directory will be an HTML file (DIR.html) that you can use to start navigating files. Links to the svn-base files are included on the page and show up with the .svn-base file extension. If you are familiar with the default Apache directory listing page, this should be pretty easy for you to navigate. I’ve also added sorting for the table, just click on Name or Type at the top.
Additionally, I’ve added an option for a second parameter that you can use for outputting the .svn-base files to a directory. Be careful with this one, as you can potentially end up downloading the entire web root.
The script is available out at the NetSPI GitHub – https://github.com/NetSPI/SVNentriesParser
Explore More Blog Posts
How App Integration Transactions Increase the Attack Surface of LLMs
Learn how OpenAI’s AppsSDK, AgentKit, and “Buy It” turn LLMs into transactional agents—expanding security risks from rapid rollout, prompt injection, and access control gaps.
API Security Testing: The Overlooked Frontline in Application Penetration Testing
In this article, NetSPI Managing Director Nate Brown, highlights the importance of securing APIs to protect against cyberattacks and data breaches.
Webinar Recap: Everything You Wish You Didn’t Have to Know About Ransomware
Learn about the evolving ransomware landscape, including how attackers operate, the roles within the ransomware economy, and actionable strategies to strengthen your defenses.