Skip to content

Exploit

pipeleek gl jobToken exploit

Fetch secure files and attempt repo write

Synopsis

Validate the job token, fetches secure files for the project, then attempts a proof write to the repository using the CI job token.

1
pipeleek gl jobToken exploit [flags]

Examples

1
pipeleek gl jobToken exploit --token glcbt-xxxxxxxxxxx --project mygroup/myproject

Options

1
2
  -h, --help             help for exploit
  -p, --project string   Project path (namespace/repo)

Options inherited from parent commands

1
2
3
4
5
6
7
8
9
      --color              Enable colored log output (auto-disabled when using --logfile) (default true)
      --config string      Config file path. Example: ~/.config/pipeleek/pipeleek.yaml
  -g, --gitlab string      GitLab instance URL
      --ignore-proxy       Ignore HTTP_PROXY environment variable
      --json               Use JSON as log output format
      --log-level string   Set log level globally (debug, info, warn, error). Example: --log-level=warn
  -l, --logfile string     Log output to a file
  -t, --token string       GitLab CI Job Token
  -v, --verbose            Enable debug logging (shortcut for --log-level=debug)

SEE ALSO