Skip to content

Loma95/gitea_exploits

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
README.MD
README.MD
 
 
lfs_attack.py
lfs_attack.py
 
 
rce_attack.py
rce_attack.py
 
 
session
session
 
 

Repository files navigation

For a university assignment i created two exploits for gitea 1.4.0

The lfs exploit creates a fake object id in the database pointing to private repository files. After that we are able to get the file we are pointing to.

The rce exploit uploads a fake session file into the sessions folder to authenticate as the admin. After that we can execute code by putting our exploit code into a git update hook and triggering it.

Both are based on kacperszurek's gitea exploit :) see -> https://github.com/kacperszurek/exploits/tree/master/Gitea Thanks!

About

Exploits for gitea targeting the version 1.4.0

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages