Back to directory

WRITEUP #296

Hijacking GitHub Runners To Compromise The Organization

Privilege EscalationCI/CD

by@hugow_vincent(Hugo Vincent)

Program

-

Published

May 22, 2024

Added to HackDex

Jul 1, 2024

Read Full Writeuphttps://www.synacktiv.com/publications/hijacking-github-runners-to-compromise-the-organization.html

▸ RELATED WRITEUPS

Vulnerabilities in Open Source C2 Frameworks

RCEOS command injection

Escalating From Reader To Contributor In Azure API Management

Privilege Escalation

Microsoft Windows MSI Installer - Repair to SYSTEM - A detailed journey

Privilege EscalationLocal Privilege Escalation

Hijacking SQL Server Credentials using Agent Jobs for Domain Privilege Escalation

Privilege Escalation

Revival Hijack – PyPI hijack technique exploited in the wild, puts 22K packages at risk

Built with ❤️ by Shubham Rawat