search

GitLab

hashtag
General

In GitLab the 2FA is disabled by default. It has the following three types of repositories:

Repository
Access

Public

Available to everyone (no authentication required)

Internal

Available to all authenticated users

Private

Restricted to specific users

hashtag
Footprinting

The below examples has been taken from the Gitlab section of the Attacking Common Applicationsarrow-up-right HTB's module.

For finding the version we can register an account and browse to /help (Figure 1).

Figure 1: Footprinting GitLab as authenticated users.

hashtag
Manual Enumeration

We can browse to /explore both as unauthenticated (Figure 2) and authenticated users (Figure 3).

Figure 2: Exploring project as an unauthenticated user.
Figure 3: Exploring project as an authenticated user.

Check for registration errors (Figure 4):

Figure 4: Enumerating usernames via registration errors.

hashtag
User Enumeration

LogoGitHub - dpgg101/GitLabUserEnum: GitLab User EnumerationGitHubchevron-right
PreviousGiteaNextGit Tools

Last updated