GitLab

General

In GitLab the 2FA is disabled by default. It has the following three types of repositories:

Repository
Access

Public

Available to everyone (no authentication required)

Internal

Available to all authenticated users

Private

Restricted to specific users

Footprinting

The below examples has been taken from the Gitlab section of the Attacking Common Applications HTB's module.

For finding the version we can register an account and browse to /help (Figure 1).

Figure 1: Footprinting GitLab as authenticated users.

Manual Enumeration

We can browse to /explore both as unauthenticated (Figure 2) and authenticated users (Figure 3).

Figure 2: Exploring project as an unauthenticated user.
Figure 3: Exploring project as an authenticated user.

Check for registration errors (Figure 4):

Figure 4: Enumerating usernames via registration errors.

User Enumeration

LogoGitHub - dpgg101/GitLabUserEnum: GitLab User EnumerationGitHub
PreviousGiteaNextGit Tools

Last updated

Was this helpful?