Hello,
My name is Emma, I am conducting an academic study on possible credential exposure in public GitHub repositories.
While analyzing this repository, I found a string that may represent a credential. I'm including the code snippet below containing possible leakage. To avoid exposing sensitive information publicly, I marked the sensitive information.
Could you please help clarify whether the detected string is:
- a real credential, or
- a placeholder / example value?
Thank you for your time.
Code snippet (sensitive values masked):
public static String GetUser() throws Exception
{
File file = new File("../config/Admin.cfg");
FileReader fileReader = new FileReader(file);
BufferedReader bufferedReader = new BufferedReader(fileReader);
String line;
String pwd = " ";
while ((line=bufferedReader.readLine())!=null)
{
if (line.indexOf("User: ")!=-1){
pwd = line.substring(line.indexOf("User: ")+"User: ".length(),line.indexOf(";"));
}
}
Thank you in advance for your time - I really appreciate it!
Sincerely,
Emma
Hello,
My name is Emma, I am conducting an academic study on possible credential exposure in public GitHub repositories.
While analyzing this repository, I found a string that may represent a credential. I'm including the code snippet below containing possible leakage. To avoid exposing sensitive information publicly, I marked the sensitive information.
Could you please help clarify whether the detected string is:
Thank you for your time.
Code snippet (sensitive values masked):
Thank you in advance for your time - I really appreciate it!
Sincerely,
Emma