关联漏洞
标题:
GitLab 安全漏洞
(CVE-2023-7028)
描述:GitLab是美国GitLab公司的一个开源的端到端软件开发平台,具有内置的版本控制、问题跟踪、代码审查、CI/CD(持续集成和持续交付)等功能。 GitLab 存在安全漏洞,该漏洞源于用户帐户密码重置电子邮件可能会发送到未经验证的电子邮件地址。
描述
Repository to install CVE-2023-7028 vulnerable Gitlab instance
介绍
# CVE-2023-7028 with Docker
🎯 Want to practice with the new gitlab CVE ? Follow the instructions
## Build the lab
1. Install Docker : https://docs.docker.com/get-docker/
2. Clone the project : `git clone https://github.com/Trackflaw/CVE-2023-7028-Docker.git`.
3. Go to the project : `cd CVE-2023-7028-Docker `
4. Configure the Gitlab SMTP on `docker-compose.yml`.
5. Change `external_url 'http://gitlab.domain.com'` and `hostname: 'gitlab.domain.com'` with your domain (internal/external no care).
6. Launch the Docker Compose file : `docker compose up -d`.
7. Connect on `http://localhost`
- Username : `admin`
- Password : `Tr4ckfl4w4th3W1n`
8. Create an account to compromise with a valid mail adress.
## PoC
A Proof of Concept video is available on Trackflaw blog : https://blog.trackflaw.com/en/compromise-gitlab-accounts-with-cve-2023-7028/
[📹 Video link](https://blog.trackflaw.com/images/compromettre-comptes-Gitlab-avec-CVE-2023-7028/exploit.gif)
## Automation
Many PoCs are available online to automate the exploitation of this vulnerability:
- Made by a talented French enthusiast: https://github.com/Vozec/CVE-2023-7028
- https://github.com/V1lu0/CVE-2023-7028
文件快照
[4.0K] /data/pocs/c126e0941e481653bb05c5dddee828d6ac54abe8
├── [1.0K] docker-compose.yml
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。