### [CVE-2018-11235](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11235)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server.

### POC

#### Reference
- https://marc.info/?l=git&m=152761328506724&w=2
- https://www.exploit-db.com/exploits/44822/

#### Github
- https://github.com/0xT11/CVE-POC
- https://github.com/9069332997/session-1-full-stack
- https://github.com/ARPSyndicate/cvemon
- https://github.com/AnonymKing/CVE-2017-1000117
- https://github.com/AnonymKing/CVE-2018-11235
- https://github.com/CHYbeta/CVE-2018-11235-DEMO
- https://github.com/Flashyy911/pentesterlab
- https://github.com/H0K5/clone_and_pwn
- https://github.com/JameelNabbo/git-remote-code-execution
- https://github.com/Kiss-sh0t/CVE-2018-11235-poc
- https://github.com/PentesterLab/empty
- https://github.com/PonusJang/RCE_COLLECT
- https://github.com/Rogdham/CVE-2018-11235
- https://github.com/SenSecurity/exploit
- https://github.com/Yealid/empty
- https://github.com/adamyi/awesome-stars
- https://github.com/epsylon/m--github
- https://github.com/evilmiracle/CVE-2018-11236
- https://github.com/fadidxb/repository1
- https://github.com/fadidxb/repository2
- https://github.com/j4k0m/CVE-2018-11235
- https://github.com/jattboe-bak/empty
- https://github.com/jhswartz/CVE-2018-11235
- https://github.com/jongmartinez/CVE-2018-11235-PoC
- https://github.com/knqyf263/CVE-2018-11235
- https://github.com/lacework/up-and-running-packer
- https://github.com/lnick2023/nicenice
- https://github.com/meherarfaoui09/meher
- https://github.com/moajo/cve_2018_11235
- https://github.com/nerdyamigo/pop
- https://github.com/nthuong95/CVE-2018-11235
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/qweraqq/CVE-2018-11235-Git-Submodule-CE
- https://github.com/russemandev/repository1
- https://github.com/russemandev/repository2
- https://github.com/scottford-lw/up-and-running-packer
- https://github.com/seoqqq/ccvv
- https://github.com/seoqqq/wwq
- https://github.com/staaldraad/troopers19
- https://github.com/twseptian/cve-2018-11235-git-submodule-ce-and-docker-ngrok-configuration
- https://github.com/vmotos/CVE-2018-11235
- https://github.com/xElkomy/CVE-2018-11235
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/ygouzerh/CVE-2018-11235