GitLab 11.4.7 Remote Code Execution - Real World CTF 2018

2019-04-21

105K views, 4.49K likes, 29.0 dislikes

LiveOverflow

Video write-up about the Real World CTF challenge "flaglab" that involved exploiting a GitLab 1-day. Actually two CVEs are combined to achieve full remote code execution:

CVE-2018-19571 (SSRF) + CVE-2018-19585 (CRLF) = RCE

flaglab - docker-compose: https://gist.github.com/LiveOverflow/8bf92dd86e5c481fb484af83c64e83b3#file-docker-compose-yml

Release: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow

→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/

→ Website: https://liveoverflow.com/

→ Subreddit: https://www.reddit.com/r/LiveOverflow/

→ Facebook: https://www.facebook.com/LiveOverflow/

#CTF #CVE


3:04 Find the Bug To Exploit
3:40 Commit History
6:16 Import a Repository
6:43 IPv6 Bypass
7:55 Target Redis
10:38 Newline Injection
11:08 Supported Protocols

LiveOverflow

just a wannabe hacker... making videos about various IT security topics and participating in hacking competitions.

-=[ ❤️ Support me ]=-

Patreon per Video: https://www.patreon.com/join/liveoverflow

YouTube Membership per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 📄 Imprint ]=-

Security Flag GmbH, Celsiusstr. 72, 12207 Berlin, Germany