
From Recon to Getting P1 on TESLA 👻

1. Find Out the Target Servers' IPs

  • Tools: Censys and DNSdumpster 20220824-3.png 20220824-4.png
     

2. Finding GitLab on One of the IPs

20220824-5.png
 

3. Misconfiguration on GitLab Target

  • Anyone had access to explore groups 20220824-6.png 20220824-7.png
     

4. Test Default Passwords on Found Username

  • I found a user that allowed me to log in with the password: "password"
  • I could manage so many projects in it.
  • The program owner awarded a bounty worth P1 for this find. 20220824-8.png
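
For the misconfiguration in step 3, an added example (not part of the original write-up) of how an administrator can audit their own GitLab instance: it lists what the API returns without a token and flags public groups and projects that are not on an allowlist. The allowlist, the rule that an allowlisted namespace covers its children, the host name in the comment, and the sample data are assumptions made for this example.

```python
"""Audit what an anonymous visitor can list on a GitLab instance you run."""
import json
import urllib.request


def fetch_anonymous(base_url, resource, opener=urllib.request.urlopen):
    """Page through /api/v4/<resource> with no token (only public items come back)."""
    items, page = [], "1"
    while page:
        url = f"{base_url.rstrip('/')}/api/v4/{resource}?per_page=100&page={page}"
        with opener(url) as resp:
            items.extend(json.load(resp))
            page = resp.headers.get("X-Next-Page", "")  # empty on the last page
    return items


def unintended_exposure(groups, projects, allowed_public):
    """Return (kind, full path) for public items outside the allowlist."""
    allowed = {p.strip("/").lower() for p in allowed_public}

    def is_allowed(path):
        # Assumption: allowlisting a namespace also covers everything below it.
        parts = path.lower().split("/")
        return any("/".join(parts[:i]) in allowed for i in range(1, len(parts) + 1))

    findings = []
    for kind, items, key in (("group", groups, "full_path"),
                             ("project", projects, "path_with_namespace")):
        for item in items:
            if item.get("visibility") == "public" and not is_allowed(item[key]):
                findings.append((kind, item[key]))
    return sorted(findings)


# Constructed sample responses (not taken from the original write-up).
SAMPLE_GROUPS = [
    {"full_path": "docs", "visibility": "public"},
    {"full_path": "infra", "visibility": "public"},
    {"full_path": "infra/secrets", "visibility": "public"},
]
SAMPLE_PROJECTS = [
    {"path_with_namespace": "docs/handbook", "visibility": "public"},
    {"path_with_namespace": "infra/deploy-scripts", "visibility": "public"},
]

if __name__ == "__main__":
    # Live use: groups = fetch_anonymous("https://gitlab.example.internal", "groups")
    for kind, path in unintended_exposure(SAMPLE_GROUPS, SAMPLE_PROJECTS, ["docs"]):
        print(f"unexpected public {kind}: {path}")
```

Every path it reports should either be added to the allowlist on purpose or have its visibility changed to internal or private.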
     

Credit

Based on YoKo Kho's write-up.
 

Support

You can follow me on Twitter or buy me a coffee.
