https://feed.craftedsignal.io/tags/gitpython/Trending threats, MITRE ATT&CK coverage, and detection metadata — refreshed continuously.Hugoenhello@craftedsignal.iohello@craftedsignal.ioTue, 23 Jan 2024 12:00:00 +0000https://feed.craftedsignal.io/briefs/2024-01-23-gitpython-hook-execution/Tue, 23 Jan 2024 12:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-23-gitpython-hook-execution/A vulnerability in GitPython versions prior to 3.1.47 allows for command execution during repository cloning by manipulating the `multi_options` parameter to inject malicious Git configurations, such as `core.hooksPath`, leading to the execution of attacker-controlled hooks.GitPython before version 3.1.47 is susceptible to a command execution vulnerability. The issue stems from how the _clone() function validates the multi_options parameter used in the clone_from(), clone(), or Submodule.update() methods. Specifically, the validation occurs on the original list of options before the shlex.split transformation. This allows an attacker to craft a string like "--branch main --config core.hooksPath=/x" which passes the initial validation because it starts with a safe option (--branch). However, after the string is split into tokens, the --config option becomes active, allowing the attacker to inject a malicious core.hooksPath configuration. This configuration points Git to a directory containing attacker-controlled Git hooks, which are then executed during the clone operation. This vulnerability is similar in nature to CVE-2023-40267.

Attack Chain

1. An attacker identifies a vulnerable application using GitPython to clone repositories.
2. The attacker crafts a malicious string containing a Git configuration option, such as --config core.hooksPath=/path/to/malicious/hooks, embedded within a seemingly benign option string like --branch main --config core.hooksPath=/path/to/malicious/hooks.
3. The attacker injects this malicious string into the multi_options parameter of the clone_from(), clone(), or Submodule.update() methods.
4. GitPython’s _clone() function validates the multi_options parameter using Git.check_unsafe_options() before it is processed by shlex.split().
5. Because the malicious string starts with a safe option (--branch), it bypasses the validation check.
6. The shlex.split() function then transforms the string into a list of individual options, making the --config option active.
7. The git clone command is executed with the injected --config core.hooksPath=/path/to/malicious/hooks option, causing Git to use the attacker-controlled directory for Git hooks.
8. Git executes the malicious hooks (e.g., post-checkout), resulting in arbitrary code execution on the victim’s machine.

Impact

Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the system where the GitPython library is used. Any application that passes user-supplied input to the multi_options parameter of the affected functions is vulnerable. This can lead to complete system compromise, data exfiltration, or denial of service. The vulnerability affects GitPython versions prior to 3.1.47.

Recommendation

• Upgrade GitPython to version 3.1.47 or later to patch the vulnerability (Affected Packages).
• Implement input validation and sanitization for any user-supplied input used to construct the multi_options parameter to prevent injection of malicious Git configurations (Code).
• Monitor process creation events for the execution of unexpected processes from directories specified as core.hooksPath (see Sigma rule Detect Suspicious Git Hook Execution).
• Deploy the Sigma rules in this brief to your SIEM and tune for your environment.

]]>highadvisorygitpythoncode-executiongit-hookscommand-injectionhttps://feed.craftedsignal.io/briefs/2024-01-09-gitpython-cmd-injection/Tue, 09 Jan 2024 10:00:00 +0000hello@craftedsignal.iohttps://feed.craftedsignal.io/briefs/2024-01-09-gitpython-cmd-injection/GitPython versions 3.1.30 through 3.1.46 are vulnerable to command injection by passing attacker-controlled kwargs into `Repo.clone_from()`, `Remote.fetch()`, `Remote.pull()`, or `Remote.push()`, leading to arbitrary command execution due to bypassed safety checks.GitPython, a library providing programmatic interaction with Git repositories, is susceptible to a command injection vulnerability in versions 3.1.30 to 3.1.46. The vulnerability stems from insufficient validation of keyword arguments (kwargs) passed to functions like Repo.clone_from(), Remote.fetch(), Remote.pull(), and Remote.push(). Specifically, when underscore-form kwargs (e.g., upload_pack) are used, they bypass the intended safety checks designed to prevent the execution of arbitrary commands via Git options like --upload-pack. This occurs because the validation logic only checks for hyphenated forms (e.g., upload-pack). Attackers can exploit this by injecting malicious commands through these kwargs, even when allow_unsafe_options is set to its default value of False. This issue was reported on April 25, 2026.

Attack Chain

1. An attacker identifies a web application or system that uses GitPython to manage Git repositories.
2. The attacker finds an endpoint or function where they can control kwargs passed to Repo.clone_from(), Remote.fetch(), Remote.pull(), or Remote.push().
3. The attacker crafts a malicious payload, using underscore-form kwargs such as upload_pack or receive_pack, setting their value to a command they want to execute (e.g., a shell script path or a direct command).
4. The application or system, using a vulnerable version of GitPython, receives these kwargs and bypasses the intended safety check.
5. GitPython’s Git.transform_kwarg() method converts the underscore-form kwargs into their corresponding hyphenated Git options (e.g., upload_pack becomes --upload-pack).
6. The Git command is executed with the attacker-controlled option, leading to arbitrary command execution on the system.
7. The attacker gains unauthorized access, potentially stealing credentials, modifying repositories, or moving laterally within the network.

Impact

Successful exploitation of this vulnerability can lead to severe consequences, especially in web applications, CI/CD systems, and automation tools that rely on GitPython for repository management. Attackers could steal SSH keys, API tokens, cloud credentials, or other sensitive information. They could also modify repositories, build outputs, or release artifacts, leading to supply chain attacks. In CI/CD environments, this vulnerability could enable lateral movement from worker nodes or compromise the entire automation infrastructure. The number of affected systems depends on the prevalence of vulnerable GitPython versions in exposed applications.

Recommendation

• Upgrade GitPython to version 3.1.47 or later to remediate the vulnerability (affected_products).
• Review code that uses Repo.clone_from(), Remote.fetch(), Remote.pull(), or Remote.push() and ensure that kwargs are properly validated to prevent attacker-controlled input (references).
• Implement input validation to block underscore-form kwargs such as upload_pack or receive_pack before they are passed to GitPython functions (references).
• Deploy the Sigma rule Detect GitPython Kwarg Command Injection to identify potential exploitation attempts in application logs (rules).

]]>highadvisorycommand-injectiongitpythonvulnerability