Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/frichetten/gitlab-runner-research
Research on abusing GitLab Runners
https://github.com/frichetten/gitlab-runner-research
Last synced: about 2 months ago
JSON representation
Research on abusing GitLab Runners
- Host: GitHub
- URL: https://github.com/frichetten/gitlab-runner-research
- Owner: Frichetten
- Created: 2020-07-03T18:13:14.000Z (over 4 years ago)
- Default Branch: master
- Last Pushed: 2020-07-14T12:26:33.000Z (over 4 years ago)
- Last Synced: 2024-11-08T23:34:55.643Z (about 2 months ago)
- Language: Python
- Size: 11.7 KB
- Stars: 22
- Watchers: 2
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# gitlab-runner-research
This script is a part of some research I did on abusing GitLab Runners. The full blog post and information is here.
```
usage: hijack-runner.py [-h] [--target TARGET] [--register REGISTER] [--attack ATTACK] [--tag TAG]
[--clone]
Abuse GitLab Runners
optional arguments:
-h, --help show this help message and exit
--target TARGET The GitLab instance to target
--register REGISTER Register a token
--attack ATTACK Use Runner token to steal data
--tag TAG Taglist separated with commas
--clone Will clone the repo locally
```