GitLab-Red-Team / cve-hash-harvester

Finds an identifiable hash value for each version of GitLab vulnerable to a specific CVE by the related semantic version range (example: https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22205.json) for use in passive fingerprinting.

cve-hash-generator

Finds an identifiable hash value for each version of GitLab vulnerable to a specific CVE by the defined semantic version range. Example: https://gitlab.com/gitlab-org/cves/-/blob/9e9a08f61709c8016039468c90e1880715d173e7/2021/CVE-2021-22205.json#L19-29.

Running The Tool

Prerequisites

This tool requires that Docker be installed along with docker-compose on the machine executing the binary. A paid Docker license is recommended because of the number of image downloads needed in some cases. The tool also requires a connection to a MongoDB instance of your choice; a docker-compose.yml file is provided for convenience.

Usage

  • Clone the repository.
  • Type make build. The process may take a couple of minutes.
  • Change the password in the docker-compose.yml file in the root of the repository. There are three occurrences of the password, which need to match.
  • Change directories with cd ./bin.
  • Edit the .env file in the ./bin directory to set the environment variable "MONGODB_URI" to an appropriate connection string. Example: MONGODB_URI="mongodb://root:<MY_SECURE_PASSWORD>@localhost:27017/". <MY_SECURE_PASSWORD> should match the password you used in the docker-compose.yml file.
  • Run: docker-compose up -d to launch the mongodb instance and mongo express viewer. NOTE: this app requires a mongodb instance, whether in docker or elsewhere.
  • Launch the mongo express viewer if you like at: http://localhost:8081/
  • Run the tool with ./cve-hash-harvester --mongoCollection <CVE_ID> --vulnerableConstraints <semver_range1> --vulnerableConstraints <semver_range2> ...
  • Example to generate hashes for CVE-2021-22205: ./cve-hash-harvester -m CVE-2021-22205 -v ">=11.9, <13.8.8" -v ">=13.9, <13.9.6" -v ">=13.10, <13.10.3"
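Each -v flag carries one comma-separated constraint set, and a release counts as vulnerable when it satisfies every comparator of any one set. The following Python script is an added example, not code from the cve-hash-harvester project: it parses constraints in that form and classifies versions against the CVE-2021-22205 ranges given above, which is a quick way to confirm that a fleet's GitLab versions sit outside the affected ranges. It assumes plain numeric major.minor.patch versions and the >=, <=, >, <, = comparators.

```python
"""Classify GitLab versions against cve-hash-harvester-style constraint sets.

Constructed example, not code from the cve-hash-harvester project. Each set is
the string given to one -v flag, e.g. ">=11.9, <13.8.8": a version is in the set
only if every comma-separated comparator holds, and vulnerable if any set holds.
"""
import operator
import re

OPS = {">=": operator.ge, "<=": operator.le, ">": operator.gt, "<": operator.lt, "=": operator.eq}
# Optional comparator (two-character forms listed first so ">=" is not read as ">"), then a version.
CONSTRAINT = re.compile(r"^\s*(>=|<=|>|<|=)?\s*(\d+(?:\.\d+){0,2})\s*$")


def parse_version(text):
    """Return (major, minor, patch) for 'major[.minor[.patch]]'; absent parts are 0,
    so the "13.10" in ">=13.10" means 13.10.0. Tuples compare lexicographically."""
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"bad version {text!r}")
    return tuple(int(p) for p in parts) + (0,) * (3 - len(parts))


def matches_constraints(version, constraint_set):
    """True if version satisfies every comparator in one set such as ">=11.9, <13.8.8"."""
    for clause in constraint_set.split(","):
        m = CONSTRAINT.match(clause)
        if not m:
            raise ValueError(f"bad constraint {clause!r}")
        op, bound = m.group(1) or "=", parse_version(m.group(2))
        if not OPS[op](version, bound):
            return False
    return True


def is_vulnerable(version_text, constraint_sets):
    """True if the version falls inside any of the sets (one per -v flag)."""
    version = parse_version(version_text)
    return any(matches_constraints(version, s) for s in constraint_sets)


if __name__ == "__main__":
    # Ranges from the CVE-2021-22205 example above; the versions are constructed samples.
    ranges = [">=11.9, <13.8.8", ">=13.9, <13.9.6", ">=13.10, <13.10.3"]
    for v in ["11.8.9", "11.9", "13.8.7", "13.8.8", "13.9.5", "13.9.6", "13.10.2", "13.10.3"]:
        print(f"{v:<8} vulnerable={is_vulnerable(v, ranges)}")
```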

Contributing

This project uses AngularJS commit message formatting to support automatic semantic versioning releases using semantic-release. For an MR to be accepted, each commit message must follow this format.

  • Clone the project. Run git checkout -b <my-awesome-updates>.
  • Run make .init to initialize the local dev environment.
  • Run make .test to run the tests.
  • Run make build to produce binaries.
  • Commit your changes using the commit message formatting mentioned above.

License: Other