what you don't know can hurt you
Showing 1 - 25 of 40 RSS Feed

Files

Git LFS Clone Command Execution
Posted Aug 31, 2021
Authored by Shelby Pace, Matheus Tavares, Johannes Schindelin | Site metasploit.com

Git clients that support delay-capable clean / smudge filters and symbolic links on case-insensitive file systems are vulnerable to remote code execution while cloning a repository. Usage of clean / smudge filters through Git LFS and a case-insensitive file system changes the checkout order of repository files which enables the placement of a Git hook in the .git/hooks directory. By default, this Metasploit module writes a post-checkout script so that the payload will automatically be executed upon checkout of the repository.

tags | exploit, remote, code execution
advisories | CVE-2021-21300
MD5 | b389779a9c5da6a81739bfdce3bfb340

Related Files

GitLab 13.10.2 Remote Code Execution
Posted Nov 17, 2021
Authored by Jacob Baines

GitLab version 13.10.2 remote code execution exploit that provides a reverse shell.

tags | exploit, remote, shell, code execution
advisories | CVE-2021-22204, CVE-2021-22205
MD5 | a203e85e39e4798bc3ada54cb3cc7271
GitLab Unauthenticated Remote ExifTool Command Injection
Posted Nov 4, 2021
Authored by William Bowling, jbaines-r7 | Site metasploit.com

This Metasploit module exploits an unauthenticated file upload and command injection vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE). The patched versions are 13.10.3, 13.9.6, and 13.8.8. Exploitation will result in command execution as the git user.

tags | exploit, file upload
advisories | CVE-2021-22204, CVE-2021-22205
MD5 | d87f3e67fba1b18fb4d757b02d04991d
Git git-lfs Remote Code Execution
Posted Sep 16, 2021
Authored by Dawid Golunski, jheysel-r7, space-r7 | Site metasploit.com

This Metasploit modules exploits a critical vulnerability in Git Large File Storage (Git LFS), an open source Git extension for versioning large files, which allows attackers to achieve remote code execution if the Windows-using victim is tricked into cloning the attacker’s malicious repository using a vulnerable Git version control tool.

tags | exploit, remote, code execution
systems | windows
advisories | CVE-2020-27955
MD5 | 15523ed242b4fcf0e41eea300eaeb7ce
Gitlab 13.10.2 Remote Code Execution
Posted Jun 4, 2021
Authored by enox

Gitlab version 13.10.2 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 0cc1a2bd1cf9d33e81fc7b2b838ff7bf
Gitlab 13.9.3 Remote Code Execution
Posted Jun 3, 2021
Authored by enox

Gitlab version 13.9.3 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | ee6b4d90b2b1a37c5c9f993bb30af022
GitLab Community Edition (CE) 13.10.3 User Enumeration
Posted May 3, 2021
Authored by 4D0niiS

GitLab Community Edition (CE) version 13.10.3 suffers from multiple user enumeration vulnerabilities.

tags | exploit, vulnerability
MD5 | 1e771f1c306635410687ca65cc0935eb
GitHub Missing Audit Logging
Posted Apr 28, 2021
Authored by Yakov Shafranovich | Site wwws.nightwatchcybersecurity.com

Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or audit logging accessible in the UI to either the project owners or the public.

tags | exploit
MD5 | 5218d870303518aa7d0b71e57debb359
Gitea Git Hooks Remote Code Execution
Posted Apr 7, 2021
Authored by Christophe de la Fuente, Podalirius | Site metasploit.com

This Metasploit module leverages an insecure setting to get remote code execution on the target OS in the context of the user running Gitea. This is possible when the current user is allowed to create git hooks, which is the default for administrative users. For non-administrative users, the permission needs to be specifically granted by an administrator. To achieve code execution, the module authenticates to the Gitea web interface, creates a temporary repository, sets a post-receive git hook with the payload and creates a dummy file in the repository. This last action will trigger the git hook and execute the payload. Everything is done through the web interface. It has been mitigated in version 1.13.0 by setting the Gitea DISABLE_GIT_HOOKS configuration setting to true by default. This disables this feature and prevents all users (including admin) from creating custom git hooks. This module has been tested successfully against docker versions 1.12.5, 1.12.6 and 1.13.6 with DISABLE_GIT_HOOKS set to false, and on version 1.12.6 on Windows.

tags | exploit, remote, web, code execution
systems | windows
advisories | CVE-2020-14144
MD5 | 4cb5b6740800ce4b96147b406421ff7b
Gitea 1.12.5 Remote Code Execution
Posted Feb 18, 2021
Authored by Podalirius

Gitea version 1.12.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
MD5 | 043b07c09c159696122bfc666130307d
Gitea 1.7.5 Remote Code Execution
Posted Jan 7, 2021
Authored by 1F98D

Gitea version 1.7.5 suffers from a remote code execution vulnerability.

tags | exploit, remote, code execution
advisories | CVE-2019-11229
MD5 | 6c9b0d3fdae6e3de5cf84344b28d7350
GitLab 11.4.7 Remote Code Execution
Posted Dec 24, 2020
Authored by Sam Redmond

GitLab version 11.4.7 authenticated remote code execution exploit. Original discovery of this issue attributed to Mohin Paramasivam in December of 2020.

tags | exploit, remote, code execution
advisories | CVE-2018-19571, CVE-2018-19585
MD5 | 1a523ed1223d47bac34dc42a48d74d42
GitLab 11.4.7 Remote Code Execution
Posted Dec 16, 2020
Authored by Mohin Paramasivam

GitLab version 11.4.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
advisories | CVE-2018-19571, CVE-2018-19585
MD5 | cfce7f1e899f9335100dc5ba40716f85
Gitlab 11.4.7 Remote Code Execution
Posted Dec 15, 2020
Authored by Fortunato Lodari

Gitlab version 11.4.7 authenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | a36b219bfdec49346a92f4b0b0fb2c32
GitLab File Read Remote Code Execution
Posted Dec 10, 2020
Authored by alanfoster, William Bowling | Site metasploit.com

This Metasploit module provides remote code execution against GitLab Community Edition (CE) and Enterprise Edition (EE). It combines an arbitrary file read to extract the Rails secret_key_base, and gains remote code execution with a deserialization vulnerability of a signed experimentation_subject_id cookie that GitLab uses internally for A/B testing. Note that the arbitrary file read exists in GitLab EE/CE 8.5 and later, and was fixed in 12.9.1, 12.8.8, and 12.7.8. However, the RCE only affects versions 12.4.0 and above when the vulnerable experimentation_subject_id cookie was introduced. Tested on GitLab 12.8.1 and 12.4.0.

tags | exploit, remote, arbitrary, code execution
advisories | CVE-2020-10977
MD5 | 9603149ee63599adcc99cffa47a96d86
Gitlab 12.9.0 Arbitrary File Read
Posted Nov 19, 2020
Authored by Jasper Rasenberg

Gitlab version 12.9.0 authenticated arbitrary file read exploit. A file read vulnerability was previously discovered in this version in May of 2020 by KouroshRZ.

tags | exploit, arbitrary
MD5 | 3a88b97ad457af5b8a78720ceabce567
git-lfs Remote Code Execution
Posted Nov 6, 2020
Authored by Dawid Golunski

Proof of concept git-lfs remote code execution exploit written in Go. Affects Git, GitHub CLI, GitHub Desktop, Visual Studio, GitKraken, SmartGit, SourceTree, and more.

tags | exploit, remote, code execution, proof of concept
advisories | CVE-2020-27955
MD5 | 207206e22d89b9b831273f5d12954acb
GitLab 12.9.0 Arbitrary File Read
Posted May 6, 2020
Authored by KouroshRZ

GitLab version 12.9.0 suffers from an arbitrary file read vulnerability.

tags | exploit, arbitrary
MD5 | cf73f52d03d76f7e24d3a491f13973ab
Gitea 1.7.3 HTML Injection
Posted Mar 18, 2019
Authored by Anti Rais

Gitea versions 1.7.0 through 1.7.3 suffer from a stored html injection vulnerability.

tags | exploit
MD5 | fef0bde612a1a8aa1deaaf4794d240fa
Malicious Git HTTP Server
Posted Nov 15, 2018
Site metasploit.com

This Metasploit module exploits CVE-2018-17456, which affects Git versions 2.14.5, 2.15.3, 2.16.5, 2.17.2, 2.18.1, and 2.19.1 and lower. When a submodule url which starts with a dash e.g "-u./payload" is passed as an argument to git clone, the file "payload" inside the repository is executed. This Metasploit module creates a fake git repository which contains a submodule containing the vulnerability. The vulnerability is triggered when the submodules are initialized.

tags | exploit
advisories | CVE-2018-17456
MD5 | 4b1d60b3080ed9efc3a42b499a19be0f
Git Submodule Arbitrary Code Execution
Posted Oct 17, 2018
Authored by joernchen

This write up provides a proof of concept with technical details for the git submodule arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution, proof of concept
advisories | CVE-2018-17456
MD5 | 8b90c70cc560ce019f65408cbaa40ac8
Git Submodule Arbitrary Code Execution
Posted Oct 8, 2018
Authored by Junio C Hamano

Updated releases address a security flaw that allowed an attacker to execute arbitrary code by crafting a malicious .gitmodules file in a project cloned with --recurse-submodules.

tags | exploit, arbitrary
advisories | CVE-2018-17456
MD5 | d46e51cfa3fc2cc7658517c0783c453b
GitList 0.6.0 Argument Injection
Posted Jul 7, 2018
Authored by Kacper Szurek, Shelby Pace | Site metasploit.com

This Metasploit module exploits an argument injection vulnerability in GitList version 0.6.0. The vulnerability arises from GitList improperly validating input using the php function 'escapeshellarg'.

tags | exploit, php
MD5 | a1733d5d120783b5373e9c89db24e4a6
Git Remote Code Execution
Posted Jun 1, 2018
Authored by Jameel Nabbo

Git versions prior to 2.17.1 suffer from a code execution vulnerability.

tags | exploit, code execution
advisories | CVE-2018-11235
MD5 | e695985eb1d045c6e63efc8b6523d8fa
GitBucket 4.23.1 Remote Code Execution / Arbitrary File Read
Posted May 21, 2018
Authored by Kacper Szurek

GitBucket version 4.23.1 suffers from remote code execution and arbitrary file read vulnerabilities.

tags | exploit, remote, arbitrary, vulnerability, code execution
MD5 | 11844999aa0564bbefc3be466336456d
GitList 0.6 Remote Code Execution
Posted Apr 26, 2018
Authored by Kacper Szurek

GitList version 0.6 unauthenticated remote code execution exploit.

tags | exploit, remote, code execution
MD5 | 5147c5d3c0bfde4c345eae7b7486b30b
Page 1 of 2
Back12Next

File Archive:

November 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    19 Files
  • 2
    Nov 2nd
    25 Files
  • 3
    Nov 3rd
    8 Files
  • 4
    Nov 4th
    7 Files
  • 5
    Nov 5th
    24 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    18 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    106 Files
  • 11
    Nov 11th
    19 Files
  • 12
    Nov 12th
    13 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    18 Files
  • 16
    Nov 16th
    12 Files
  • 17
    Nov 17th
    15 Files
  • 18
    Nov 18th
    12 Files
  • 19
    Nov 19th
    4 Files
  • 20
    Nov 20th
    2 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    22 Files
  • 23
    Nov 23rd
    14 Files
  • 24
    Nov 24th
    19 Files
  • 25
    Nov 25th
    4 Files
  • 26
    Nov 26th
    1 Files
  • 27
    Nov 27th
    4 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close