渗透大法gitlab姿势

/ 默认分类 / 2 条评论 / 1692 浏览

本站的所有程序和文章,仅限用于学习和研究目的;不得用于商业或者非法用途,否则,一切后果请用户自负!!

前言

最近搞了个站,进入有个gitlab。然后就是各种操作。

基础知识

进入控制台

gitlab-rails console production

如果没配置环境变量,cd到安装目录下

\bin\rails console production

修改用户密码

通过用户名查找,赋值给user
user = User.where(username:"root").first

修改密码
user.password = "abc123"
user.password_confirmation= "abc123"
user.save!

修改用户为管理员

普通用户,可通过登录界面注册

通过用户名查找,赋值给user
user = User.where(username:"test").first
user.admin=ture
user.save!

添加用户

没试过,找了文章

This is quite a 'classic' problem and the immediate thought ("just do it mySQL") doesn't work here because of the need to have the rails piece that encodes a password that is entered.
So you need to actually use rails, something like this (this should all be happening in your local development environment which is the default when working locally):

You need to create a user.

Try this:

cd the_root_of_the_project

script/rails console

> User.create(:username => 'admin', 
  :password => 'abc123', 
  :password_confirmation => 'abc123') 
  # Add other fields, such as first_name, last_name, etc. 
  # as required by the user model validators.
  # Perhaps :admin => true
This assumes a few things (so change as required) such as an authentication system such as authLogic or devise, attribute and field names, etc, but you should be able to adjust to your needs. You can determine what these are by looking at a few things, specifically the database migration files in db/migrate, the model validations in user/model/user, any existing "seeds" filew for users in db/seeds.rb and the authentication system hooks.

As to 'where' to do this - obviously the console works but you might also want to use the seeds file for this. Whatever 'create' command you use in the console can be placed in here, then run with rake db:seed. The downside is that if you check this file into source control it's less secure. The seeds file is really useful for other tasks such as creating reference tables, initial categories, etc.

If you don't have the database actually created at all yet, you'll need to be aware of and use these tasks:

rake db:create 
# as it sounds, creates a database (but no application tables or columns), 
# using the config/database.yml file for the connection info.

rake db:migrate 
# Creates tables and columns using the db/migrate/ files.

rake db:seed 
# Runs commands in db/seeds.rb to create initial records for the application.

ref

  • http://blog.iaquam.com/2019/02/20/GitLab%E9%87%8D%E7%BD%AE%E7%AE%A1%E7%90%86%E5%91%98%E5%AF%86%E7%A0%81/
  • https://gist.github.com/tacettin/8182358

本文最后编辑时间为: 2022-09-03

如本文对你有帮助,点击下面广告支持一下吧,创作不易,感谢大佬。

safe6
  1. 内容:./rails console -e production

  2. 内容:删除用户user.delete 用户表https://gitlab.com/gitlab-org/gitlab-foss/-/issues/51191