Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/righel/gitlab-version-nse

Nmap script to guess* a GitLab version.
https://github.com/righel/gitlab-version-nse

gitlab nmap nmap-scripts nse

Last synced: 21 days ago
JSON representation

Nmap script to guess* a GitLab version.

Awesome Lists containing this project

README 

        
# gitlab-version-nse

Nmap script to guess* a GitLab version. 



# Usage

```

git clone https://github.com/righel/gitlab-version-nse

cd gitlab-version-nse 

nmap  --script ./gitlab_version.nse [--script-args="showcves", --script-args="subdir=/custom-subdir"]

```

* use `--script-args="showcves"` to get version CVEs via Vulners API.

* use `--script-args="subdir=/custom-subdir"` if GitLab is installed in a sub-directory.



sample output:

```

$ nmap REDACTED -p 443 --script ./gitlab_version.nse --script-args="showcves"

Starting Nmap 7.80 ( https://nmap.org ) at 2021-11-07 18:39 CET

Nmap scan report for REDACTED

Host is up (0.013s latency).



PORT     STATE SERVICE VERSION

8081/tcp open  http    nginx

| gitlab_version: 

|   cpe:/a:gitlab:gitlab:13.11.2:*:*:*:enterprise: 

|     CVE-2021-22181    4.0     https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22181

|     CVE-2021-22213    4.3     https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22213

|     CVE-2021-22214    4.3     https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-22214

...

Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds

```



## How

Created a dictionary of the (webpack static assets manifest hash, release commit hash) -> gitlab version. 

The list of hashes is automagically updated every day via a github action.