By kannthu
The "GitLab public signup" module is designed to detect misconfigurations related to the public signup feature in GitLab. GitLab is a web-based DevOps lifecycle tool that provides a complete workflow to manage source code, collaborate on projects, and automate software development processes. This module focuses on identifying any misconfigurations in the public signup functionality of GitLab instances.
This module has an informative severity level, which means it provides valuable information but does not indicate a critical vulnerability or misconfiguration.
A misconfigured public signup feature in GitLab can have various impacts, including:
- Potential unauthorized access to the GitLab instance
- Increase in the attack surface, making it easier for attackers to target the system
- Possibility of unauthorized users registering and gaining access to sensitive information

The "GitLab public signup" module works by sending HTTP requests to the target GitLab instance and analyzing the responses based on specific matching conditions. It checks for the presence of certain HTML elements and verifies the response status code to determine if the public signup feature is misconfigured.
Here is an example of an HTTP request used by this module:
GET /users/sign_in
The module then applies the following matching conditions:
- Checks if the response contains the HTML element with the link to the registration page: <a data-qa-selector="register_link" href="/users/sign_up">Register now</a>
- Verifies if the response contains the HTML element for the new user registration button: data-qa-selector="new_user_register_button"
- Ensures that the response includes the expected GitLab URL: https://about.gitlab.com
- Confirms that the response status code is 200 (OK)
- Checks that the response does not contain an HTML meta tag whose description is "GitLab.com"
If all the matching conditions are met, the module reports a potential misconfiguration in the public signup feature of the GitLab instance.
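The matching logic described above, written out as an added Python example (not Vidoc's own module code): the five conditions are evaluated over a sign-in page body, with constructed sample responses for an open self-hosted instance, one with signup disabled, and one resembling GitLab.com. The exact form of the "GitLab.com" meta tag and the `check_instance` helper are assumptions.

```python
import re
import urllib.request

# Match conditions taken from the module description above.
REGISTER_LINK = '<a data-qa-selector="register_link" href="/users/sign_up">Register now</a>'
REGISTER_BUTTON = 'data-qa-selector="new_user_register_button"'
ABOUT_URL = "https://about.gitlab.com"
# Assumed shape of the meta tag; real pages may order the attributes differently.
META_GITLAB_COM = re.compile(
    r'<meta\b[^>]*\bname="description"[^>]*\bcontent="[^"]*GitLab\.com[^"]*"', re.I)


def evaluate(status: int, body: str) -> dict:
    """Return the result of each matcher for one /users/sign_in response."""
    return {
        "register_link": REGISTER_LINK in body,
        "register_button": REGISTER_BUTTON in body,
        "about_url": ABOUT_URL in body,
        "status_200": status == 200,
        "not_gitlab_com": META_GITLAB_COM.search(body) is None,  # negative matcher
    }


def public_signup_exposed(status: int, body: str) -> bool:
    """All conditions must hold, mirroring the module's AND semantics."""
    return all(evaluate(status, body).values())


def check_instance(base_url: str, timeout: float = 10.0) -> bool:
    """Hypothetical live helper: issue the GET /users/sign_in request and evaluate it."""
    req = urllib.request.Request(base_url.rstrip("/") + "/users/sign_in",
                                 headers={"User-Agent": "gitlab-signup-check"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return public_signup_exposed(resp.status, resp.read().decode("utf-8", "replace"))


# Constructed sample bodies (not captured from any real instance).
SELF_HOSTED_OPEN = f"""<html><head><title>Sign in</title></head><body>
<form action="/users/sign_in"><button {REGISTER_BUTTON}>Register</button></form>
<p>Don't have an account yet? {REGISTER_LINK}</p>
<footer><a href="{ABOUT_URL}">About GitLab</a></footer></body></html>"""

# Signup disabled: both registration elements are absent.
SELF_HOSTED_CLOSED = SELF_HOSTED_OPEN.replace(REGISTER_LINK, "").replace(REGISTER_BUTTON, "")

# Hosted GitLab.com look-alike: the negative meta-tag matcher should suppress the finding.
GITLAB_COM_LIKE = SELF_HOSTED_OPEN.replace(
    "<title>", '<meta name="description" content="GitLab.com">\n<title>')
```

Only the self-hosted body with both registration elements, the about.gitlab.com link, a 200 status and no "GitLab.com" meta description is reported; a redirect or the hosted look-alike is not.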