Gitlab RCE - Remote Code Execution

Last update: Nov 09, 2022

Overview

Gitlab RCE - Remote Code Execution

RCE for old gitlab version <= 11.4.7 & 12.4.0-12.8.1

LFI for old gitlab versions 10.4 - 12.8.1

This is an exploit for old Gitlab versions. This shouldnt work in the wild but it still seems to be popular in CTFs. Educational use only. Illegal things are illegal.

CVEs: CVE-2018-19571 (SSRF) + CVE-2018-19585 (CRLF) & CVE-2020-10977

credits:

https://www.youtube.com/watch?v=LrLJuyAdoAg - LiveOverflow
https://github.com/jas502n/gitlab-SSRF-redis-RCE - jas502n
https://hackerone.com/reports/827052 - vakzz
partly inspired by the gitlab RCE metasploit module

usage:

python gitlab_rce.py

You might or might not have to tweak this a bit.

THERE ARE ~~ABSOLUTELY !!NO!!~~ ~~VERY~~ A FEW CHECKS OR ERROR HANDLING!

needs a HUGE refactor some time in the future.

Owner

pwner of boxes - capturer of flags

GitHub Repository

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

Take Note! With the exception of issues and PRs regarding changes to hosts/data/StevenBlack/hosts, all other issues regarding the content of the produ

22.1k Jan 02, 2023

labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

labsecurity labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface. Warning

16 Dec 08, 2022

AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically to AIL

AIL LeakFeeder: A Module for AIL Framework that automates the process to feed leaked files automatically to AIL, So basically this feeder will help you ingest AIL with your leaked files automatically

8 May 03, 2022

A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer.

Wlan Fetcher Windows10 Description A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer. Usage This Script onl

2 Nov 20, 2021

Discord Token Stealer Malware Protection

TokenGuard TokenGuard, protect your account, prevent token steal. Totally free and open source Discord Server: https://discord.gg/EmwfaGuBE8 Source Co

10 Nov 23, 2022

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

Log4jScanner Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains. Disc

35 Dec 12, 2022

AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not

AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not. The program requests the hash of the file and outputs information (if any). This version will

1 Jan 03, 2022

Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.

log4j_catcher Log4j exploit catcher, detect Log4Shell exploits and try to get payloads. This is a basic python server that listen on a port and logs i

17 Dec 20, 2021

Automatically fetch, measure, and merge subscription links on the network, use Github Action

Free Node Merge Introduction Modified from alanbobs999/TopFreeProxies It measures the speed of free nodes on the network and import the stable and hig

52 Jul 16, 2022

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regardin

39 Dec 10, 2022

Gitlab RCE - Remote Code Execution

Related tags

Overview

Gitlab RCE - Remote Code Execution

Owner

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

labsecurity is a tool that brings together python scripts made for ethical hacking, in a single tool, through a console interface

AIL LeakFeeder: A Module for AIL Framework that automate the process to feed leaked files automatically to AIL

A simple python-function, to gain all wlan passwords from stored wlan-profiles on a computer.

Discord Token Stealer Malware Protection

Log4jScanner is a Log4j Related CVEs Scanner, Designed to Help Penetration Testers to Perform Black Box Testing on given subdomains.

AmiEviL - This program uses the Virus Total API to determine if your suspicious file is malicious or not

Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.

Automatically fetch, measure, and merge subscription links on the network, use Github Action

A wordlist generator tool, that allows you to supply a set of words, giving you the possibility to craft multiple variations from the given words, creating a unique and ideal wordlist to use regarding a specific target.

Kunyu, more efficient corporate asset collection

Um script simples de Port Scan + DNS by Hostname

2022-bridge - Example code belonging to the Bridge pattern video

Spring-0day/CVE-2022-22965

Anti Supercookie - Confusing the ISP & Escaping the Supercookie

CVE-2021-44228 log4j 2.x rce漏洞检测工具

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)

Open Source Intelligence gathering tool aimed at reducing the time spent harvesting information from open sources.

test application for the licence key web app.

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".