Certified Defensive Security Analyst by Academy. Get started now!
Bitlab is a medium difficulty Linux machine running a Gitlab server. The website is found to contain a bookmark, which can autofill credentials for the Gitlab login. After logging in, the user&#039;s developer access can be used to write to a repository and deploy a backdoor with the help of git hooks. The PostgreSQL server running locally is found to contain the user&#039;s password, which is used to gain SSH access. The user&#039;s home folder contains Windows binary, which is analyzed to obtain the root password.