Gitlab Version Scanner

🗓️ 24 Apr 2024 19:49:48Reported by Julien (jvoisin) VoisinType

Gitlab Version Scanner. Scans Gitlab install for version info

##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

class MetasploitModule < Msf::Auxiliary
  include Msf::Exploit::Remote::HTTP::Gitlab
  include Msf::Auxiliary::Scanner
  include Msf::Auxiliary::Report

  def initialize
    super(
      'Name' => 'Gitlab Version Scanner',
      'Description' => %q{
          This module scans a Gitlab install for information about its version.
      },
      'Author' => [ 'Julien (jvoisin) Voisin' ],
      'License' => MSF_LICENSE
    )
  end

  def run_host(ip)
    version = gitlab_version
    if version
      print_good("Gitlab version range for #{Rex::Socket.to_authority(ip, datastore['RPORT'])}: #{version.map { |v| v.to_s.gsub('.pre.ce', '-ce').gsub('.pre.ee', '-ee') }.join(' -> ')}")
      report_note(
        host: ip,
        port: datastore['RPORT'],
        proto: ssl ? 'https' : 'http',
        ntype: 'gitlab.version',
        data: { version: version }
      )
    else
      print_error("Unable to find Gitlab version for #{ip}.")
    end
  end
end

24 Jun 2026 19:04Current

5.4Medium risk

Vulners AI Score5.4