2.4 KiB
2.4 KiB
Run gitea-livecheck-20260316
LAB ONLY|AUTHORIZED TARGETS ONLY| 自动生成 run bundle
- Advisory:
gitea--CVE-2025-68939 - 系统:
gitea - Repro Profile:
file-upload-generic - 实证状态:
blocked-artifact - 实证方式:
real - Artifact 模式:
official-image - 启动时间:
2026-03-17T07:02:55+00:00 - 完成时间:
2026-03-17T07:02:56+00:00 - 阻塞原因:
unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running? - Compose 服务:
app
运行时间线
- Mermaid: timeline.mmd
| 时间 | 步骤 | 状态 | 说明 |
|---|---|---|---|
2026-03-17T07:02:55+00:00 |
select-advisory |
completed |
gitea--CVE-2025-68939 |
2026-03-17T07:02:55+00:00 |
resolve-repro-profile |
completed |
file-upload-generic |
2026-03-17T07:02:56+00:00 |
provision-compose-environment |
blocked-artifact |
unable to get image 'gitea/gitea:1.22.6': Cannot connect to the Docker daemon at unix:///Users/x/.docker/run/docker.sock. Is the docker daemon running? |
2026-03-17T07:02:56+00:00 |
baseline-snapshot |
skipped |
no baseline urls or provisioning blocked |
2026-03-17T07:02:56+00:00 |
browser-replay-before-attack |
skipped |
baseline browser capture unavailable |
2026-03-17T07:02:56+00:00 |
controlled-attack-chain |
skipped |
provisioning blocked |
2026-03-17T07:02:56+00:00 |
browser-replay-after-attack |
skipped |
proof browser capture unavailable |
2026-03-17T07:02:56+00:00 |
collect-logs-and-evidence |
skipped |
container_logs=0 |
2026-03-17T07:02:56+00:00 |
update-registry-and-reports |
completed |
gitea-livecheck-20260316 |
Compose 拓扑
- Compose 文件:
/Users/x/websafe/06-case-studies/generated-runs/gitea-livecheck-20260316/compose/compose.yaml - 服务列表:
app
攻击步骤
| 工具/步骤 | 状态 | 结果 |
|---|---|---|
- |
skipped |
no attack steps |
证据摘要
- Baseline:
0 - 攻击步骤:
0 - 浏览器证据:
0 - 容器日志:
0 - 请求日志:
0
最小化验证说明
- 仅限自有资产、本地靶场或已授权实验目标。
- 默认执行 minimal-proof;不会把破坏性或不可回滚动作作为默认路径。
- 若浏览器证据缺失,前端类案例不会被标为
verified-*。