Repository to install a CVE-2023-7028 vulnerable GitLab instance

# CVE-2023-7028 with Docker
🎯 Want to practice with the new GitLab CVE? Follow the instructions.
## Build the lab
1. Install Docker: https://docs.docker.com/get-docker/
2. Clone the project: `git clone https://github.com/Trackflaw/CVE-2023-7028-Docker.git`.
3. Go to the project: `cd CVE-2023-7028-Docker`
4. Configure the GitLab SMTP settings in `docker-compose.yml`.
5. Change `external_url 'http://gitlab.domain.com'` and `hostname: 'gitlab.domain.com'` to your domain (internal or external, it does not matter).
6. Launch the Docker Compose file: `docker compose up -d`.
7. Connect to `http://localhost`
   - Username: `admin`
   - Password: `Tr4ckfl4w4th3W1n`
8. Create an account to compromise with a valid mail address.
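
What steps 4 and 5 edit, as an added example that is not the repository's own `docker-compose.yml`. The service name, the `gitlab.lab.example` domain, the SMTP host and credentials are constructed values, and the image tag is a placeholder for the one the repository already pins. The loopback port binding is an addition that keeps the vulnerable instance off the network while still serving `http://localhost`.

```yaml
# Added example with constructed values; not the repository's docker-compose.yml.
services:
  gitlab:                                   # service name is an assumption
    # Placeholder: keep the image tag the repository's compose file already pins.
    image: 'gitlab/gitlab-ce:<tag-from-repository>'
    hostname: 'gitlab.lab.example'          # step 5
    environment:
      GITLAB_OMNIBUS_CONFIG: |
        external_url 'http://gitlab.lab.example'   # step 5
        # Step 4: SMTP relay GitLab uses for outgoing mail
        gitlab_rails['smtp_enable'] = true
        gitlab_rails['smtp_address'] = 'smtp.example.com'
        gitlab_rails['smtp_port'] = 587
        gitlab_rails['smtp_user_name'] = 'lab-mailer@example.com'
        gitlab_rails['smtp_password'] = 'CHANGE_ME'
        gitlab_rails['smtp_domain'] = 'example.com'
        gitlab_rails['smtp_authentication'] = 'login'
        gitlab_rails['smtp_enable_starttls_auto'] = true
        gitlab_rails['gitlab_email_from'] = 'gitlab@example.com'
    ports:
      # Publish on loopback only: reachable at http://localhost (step 7),
      # not from other hosts on the network.
      - '127.0.0.1:80:80'
```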
## PoC
A Proof of Concept video is available on the Trackflaw blog: https://blog.trackflaw.com/en/compromise-gitlab-accounts-with-cve-2023-7028/
[📹 Video link](https://blog.trackflaw.com/images/compromettre-comptes-Gitlab-avec-CVE-2023-7028/exploit.gif)
## Automation
Many PoCs are available online to automate the exploitation of this vulnerability:
- Made by a talented French enthusiast: https://github.com/Vozec/CVE-2023-7028
- https://github.com/V1lu0/CVE-2023-7028