CVE-2023-7028

GitLab Post-Exploitation

Table of Contents

Chapter 1 — Post-Exploitation after Account Takeover
  1.1 Prerequisite
  1.2 Generate Personal Access Token
  1.3 Reconnaissance via Admin Panel
  1.4 RCE via Server-Side Git Hooks (GitLab EE)
  1.5 RCE via CI/CD Pipeline (if a Runner is available)
  1.6 RCE without a Runner — Authenticated CVE
  1.7 SSRF via Webhook
  1.8 Extract Secrets (CI Variables, Repos, Snippets)
  1.9 Cloud Metadata Pivot
  1.10 Persistence
  1.11 Exploitation Path Priority

Chapter 2 — Linux Privilege Escalation
  2.1 Initial Situation
  2.2 Stabilize the Shell
  2.3 Automated Enumeration
  2.4 SUID / SGID Binaries
  2.5 Sudo Misconfig
  2.6 Cron Jobs
  2.7 Writable Files & Services
  2.8 Capabilities
  2.9 Kernel Exploit
  2.10 Docker / Container Escape
  2.11 GitLab-Specific Privesc
  2.12 Summary Checklist

Chapter 3 — Pivoting into the Internal Network
  3.1 Initial Situation
  3.2 Network Discovery
  3.3 Port Scanning from Inside
  3.4 Tunneling & Port Forwarding
  3.5 Pivot to the Database
  3.6 Pivot to Other Servers via SSH
  3.7 Pivot to Cloud Infrastructure
  3.8 Lateral Movement via Credentials Reuse
  3.9 Pivot Tools
  3.10 Pivoting Flow Summary

Chapter 1 — Post-Exploitation after Account Takeover

1.1 Prerequisite

Before continuing, make sure you already have: ...