Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) exploit

Pages (3): « Previous 1 2 3 Next »

by miyako - Wednesday October 9, 2024 at 11:07 AM

imspero1618

Breached

Posts: 32

Threads: 2

Joined: Nov 2023

Reputation: 0

#11

12-04-2024, 03:16 PM

very nicely done sir

lolololololololo265l

Breached

Posts: 8

Threads: 0

Joined: Dec 2024

Reputation: 0

#12

12-08-2024, 03:49 PM

(10-09-2024, 11:07 AM)miyako Wrote: The flaw, tracked as CVE-2024-45409, arises from an issue in the OmniAuth-SAML and Ruby-SAML libraries, which GitLab uses to handle SAML-based authentication.

The vulnerability occurs when the SAML response sent by an identity provider (IdP) to GitLab contains a misconfiguration or is manipulated.

Specifically, the flaw involves insufficient validation of key elements in the SAML assertions, such as the extern_uid (external user ID), which is used to uniquely identify a user across different systems.

An attacker can craft a malicious SAML response that tricks GitLab into recognizing them as authenticated users, bypassing SAML authentication and gaining access to the GitLab instance.

The CVE-2024-45409 flaw impacts GitLab 17.3.3, 17.2.7, 17.1.8, 17.0.8, 16.11.10, and all prior releases of those branches.

I'll search dorks and it's done! thank you

1littlecub

Advanced User

Posts: 51

Threads: 5

Joined: Jun 2023

Reputation: 0

#13

12-08-2024, 05:52 PM

thank you. i hope it works fine

ZasieuN

Breached

Posts: 41

Threads: 2

Joined: Jul 2023

Reputation: 0

#14

12-13-2024, 02:41 PM

gonna test my office gitlab

azamii

Breached

Posts: 19

Threads: 3

Joined: Nov 2024

Reputation: 30

#15

01-15-2025, 04:22 AM

thanks using this now ))

nimz

Breached

Posts: 8

Threads: 0

Joined: Jul 2024

Reputation: 0

#16

01-15-2025, 08:51 AM

Thanks for your contribution

kikbusnixe

Breached

Posts: 7

Threads: 0

Joined: Feb 2025

Reputation: 0

#17

02-10-2025, 06:19 AM

Pretty explained. Thanks!

darksnow54

Breached

Posts: 30

Threads: 4

Joined: Aug 2023

Reputation: 0

#18

02-12-2025, 12:44 AM

Thanks for the info and the explanation will help in future

Angst

Breached

Posts: 6

Threads: 0

Joined: Feb 2025

Reputation: 0

#19

02-17-2025, 02:46 PM

Thanks for sharing!

Alcxtraze

User

Posts: 139

Threads: 11

Joined: Apr 2024

Reputation: 425

#20

03-25-2025, 06:42 AM

of course brother

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Attempted Scamming Thread-DATABASE-Database-Empik-com-Poland-11-825-92 | http://breachddyfwvcp4kzccos5oxtdbssmfbp...an-Appeals if you feel this is incorrect.

« Next Oldest | Next Newest »

Pages (3): « Previous 1 2 3 Next »

Possibly Related Threads…
Thread		Author	Replies	Views	Last Post
	Help Microsoft Teams Gif Exploit	guniess0x	0	3	10 hours ago Last Post: guniess0x
	Ban Any Discord Exploit	PhineasFisher	6	295	02-08-2026, 11:49 PM Last Post: skype
	CVE-2025-40554 - SolarWinds Web Help Desk Auth Bypass & RCE PoC	miyako	3	73	02-07-2026, 03:32 PM Last Post: cysc
	POC CVE-2025-24071	caca28sapo1	15	805	02-07-2026, 08:53 AM Last Post: hacker0123
	HPE OneView RCE Exploit [CVE-2025-37164]	Hawx01	8	261	02-06-2026, 07:08 PM Last Post: hacker0123

Users browsing this thread: