Git Shell Bypass By Abusing Less (CVE-2017-8386)

The git-shell is a restricted shell maintained by the git developers and is meant to be used as the upstream peer in a git remote session over a ssh tunnel. The basic idea behind this shell is to restrict the allowed commands in a ssh session to the ones required by git which are as follows:

  • git-receive-pack
    • Receives repository updates from the client.
  • git-upload-pack
    • Pushes repository updates to the client.
  • git-upload-archive
    • Pushes a repository archive to the client.

Besides those built-in commands, an administrator can also provide it’s own commands via shell scripts or other executable files. As those are typically completely custom, this post will concentrate on the built-in ones.

Note: This has nothing to do with the also recently fixed vulnerabilities in gitlab [1] [2].

Continue reading “Git Shell Bypass By Abusing Less (CVE-2017-8386)”

Continue reading

Social Coding – Simple Things to Keep in Mind (updated)

The current trend of social coding finally arrived at ERNW! From now on, you will find our public released tools and scripts commonly on Therefore I would like to share some thoughts/guidelines which you have to keep in mind if you want to be a social coder: Continue reading “Social Coding – Simple Things to Keep in Mind (updated)”

Continue reading