Gogs RCE II
Bookmarked!This exercise covers how to get code execution against the Git self hosted tool: Gogs.
This course covers the exploitation of a remote command execution (RCE) vulnerability in Gogs, a self-hosted git repository management tool. The vulnerability allows attackers to write a malicious session file to the server via a directory traversal bug during file upload, enabling authentication bypass. Once authenticated as an administrator, attackers can leverage git hooks to execute arbitrary commands, effectively gaining control over the server.
The course is divided into several steps: generating a malicious session file, uploading it to exploit the directory traversal vulnerability, and modifying the session ID to gain admin access. Finally, it demonstrates the use of git hooks to run arbitrary shell scripts, showcasing how multiple vulnerabilities can be chained together for a complete exploit. The exercise emphasizes understanding the intricacies of session management and file path manipulation in web applications.