Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/wuhan005/cve-2022-30781

🍵 Gitea repository migration remote command execution exploit.
https://github.com/wuhan005/cve-2022-30781

cve cve-2022-30781 exploit gitea

Last synced: about 10 hours ago
JSON representation

🍵 Gitea repository migration remote command execution exploit.

Host: GitHub
URL: https://github.com/wuhan005/cve-2022-30781
Owner: wuhan005
Created: 2022-05-22T05:15:58.000Z (over 2 years ago)
Default Branch: master
Last Pushed: 2022-05-26T11:32:21.000Z (over 2 years ago)
Last Synced: 2024-05-02T02:23:02.769Z (6 months ago)
Topics: cve, cve-2022-30781, exploit, gitea
Language: HTML
Homepage:
Size: 3.91 KB
Stars: 86
Watchers: 4
Forks: 16
Open Issues: 0
Metadata Files:
- Readme: README.md

Awesome Lists containing this project

README

# 🍵 CVE-2022-30781
Gitea repository migration remote command execution exploit.

## How to use

1. Run an HTTP filesystem server with the files in this repository.
2. Edit the command to be exeucted in `api/v1/repos/e99/exp/pulls/1/index.html L96`.
3. Migrate remote repository with URL `http:///e99/exp` on the Gitea instance.
4. Pwnned!

## Reference

https://tttang.com/archive/1607/ (Chinese)

## Credit

[@wuhan005](https://github.com/wuhan005) [@Li4n0](https://github.com/li4n0) from Vidar-Team

**This repository is only for security researches/teaching purposes, use at your own risk!**