IllustratorsLeak
LiveOverflow
LiveOverflow

patreon


GitLab 11.4.7 Remote Code Execution

 Video write-up about the Real World CTF challenge "flaglab" that involved exploiting a GitLab 1day. Actually two CVEs are combined to achieve full remote code execution:

CVE-2018-19571 (SSRF) + CVE-2018-19585 (CRLF) = RCE

Not only is there a video, but thanks to your support I have started to pay a technical writer to turn videos into articles. This technical writer is no other than @PwnFunction (who also has an excellent YouTube channel).

read it here:  https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ 

GitLab 11.4.7 Remote Code Execution

More Creators