module

GitLab GraphQL API User Enumeration

Disclosed
2022-02-25
Created
2022-03-12

Description

This module queries the GitLab GraphQL API without authentication
to acquire the list of GitLab users (CVE-2021-4191). The module works
on all GitLab versions from 13.0 up to 14.8.2, 14.7.4, and 14.6.5.

Authors

jbaines-r7
mungsul

Module Options

To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:


msf > use auxiliary/scanner/http/gitlab_graphql_user_enum
msf auxiliary(gitlab_graphql_user_enum) > show actions
...actions...
msf auxiliary(gitlab_graphql_user_enum) > set ACTION < action-name >
msf auxiliary(gitlab_graphql_user_enum) > show options
...show and set options...
msf auxiliary(gitlab_graphql_user_enum) > run

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.