CVE-2022-1162 PoC — GitLab Community Edition和GitLab Enterprise Edition 信任管理问题漏洞

Source

https://github.com/ipsBruno/CVE-2022-1162

Associated Vulnerability

Title:GitLab Community Edition和GitLab Enterprise Edition 信任管理问题漏洞 (CVE-2022-1162)
Description:GitLab Enterprise Edition是一套内容管理系统。GitLab Community Edition是美国GitLab公司的一种社区版 GitLab 。 GitLab Community Edition (CE) and Enterprise Edition (EE)存在信任管理问题漏洞，该漏洞由于基于 OmniAuth 的注册中的应用程序代码中存在硬编码凭据，因此存在该漏洞。未经身份验证的远程攻击者可以使用硬编码凭据访问受影响的系统。该漏洞允许远程攻击者获得对易受攻击系统的完全访问权限

Description

A simple tool to enumerate users in gitlab

Readme

# CVE-2022-1162

A GitLab TakeOver Tool

A simple tool to enumerate users in gitlab and login using CVE-2022-1162



### Google Dork
intitle:"Sign in · GitLab"


_____________

### Cmd
python code.py https://url.com

_____________


Pull Requests are Welcome!

File Snapshot


 [4.0K]  /data/pocs/b55f3eaf621ec645a9e8001c4871a7b66dae103c
├── [3.5K]  code.py
└── [ 262]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!