DevOps Articles

Curated articles, resources, tips and trends from the DevOps World.

Let’s Hack a Pipeline: Stealing Another Repo

4 years ago devblogs.microsoft.com

Summary: This is a summary of an article originally published by the source. Read the full original article here →

In this episode, we’ll look at how a malicious user could access source code they shouldn’t see. Welcome to Episode II: Stealing Another Repo.

And editing the pipeline means you can ask the Azure Pipelines system to do malicious things using its credentials.

Azure Pipelines can generate a token which only grants access to named repositories in Azure Repos.

Use the controls available in Azure Pipelines to prevent this attack.

Read More
Oh Dear
Oh Dear
The all-in-one monitoring tool for your entire website
Fathom
Fathom
Fathom Analytics: A Better Google Analytics Alternative
Namecheap
Namecheap
DevOpsChat Logo Your DevOps Community
Product
Useful Links

Made with pure grit © 2024 Jetpack Labs Inc. All rights reserved. www.jetpacklabs.com