$29,000 GitLab - Arbitrary File Read using symlinks
This video covers a vulnerability in GitLab that allowed reading arbitrary files from the server. The reporter, William Bowling, was awarded a $29,000 bug bounty.
Timestamps:
00:00 Intro
00:34 Importing GitLab groups
02:00 Symlinks
04:30 POC - reading arbitrary files on GitLab