How we exploited CodeRabbit from a simple PR to RCE and writ...

[carlospolop]

🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

• Blog URL: https://research.kudelskisecurity.com/2025/08/19/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories/
• Blog Title: How we exploited CodeRabbit: from a simple PR to RCE and write access on 1M repositories
• Suggested Section: Pentesting CI/CD > Github Security > GitHub Apps Impersonation (JWT & installation tokens) and CI-integrated Linters Abuse (Rubocop extensions) for Runner RCE

🎯 Content Summary

CodeRabbit PR Reviewer RCE via Rubocop Extension Loading and Secret Exfiltration

Target and Executive Summary

Target: CodeRabbit, a GitHub/GitLab AI PR reviewer that runs external linters/SAST (e.g., Semgrep, Rubocop) against pull requests. Researchers turned a single malicious PR into RCE on production runners, exfiltrated sensitive environment variables (including the GitHub App private key), then used GitHub’s API to min...

🔧 Technical Details

Abusing repo-controlled static-analysis configs for code execution: When CI/services run external tools using repository-provided configs, pick a tool that supports dynamic code loading (e.g., Rubocop). Add .rubocop.yml with require: ./ext.rb and place malicious Ruby in ext.rb. Ensure the PR includes language-appropriate files to trigger the tool. The service loads and executes your code during analysis.

Exfiltrating runner...

🤖 Agent Actions

I analyzed the repository and existing GitHub Security content and found there was no concrete, technical guidance on:

• Impersonating GitHub Apps when their private key leaks (JWT → installation access tokens → repo access)
• Abusing CI-integrated linters/SAST using repo-controlled configurations to achieve runner RCE (Rubocop extensions via require in .rubocop.yml)

These are the key techniques in the blog and they weren’t covered in HackTricks. I updated the most relevant existing page:

• src/pentesting-ci-cd/github-security/README.md

What I changed:

1. Added an exploitation subsection under “With Github Application”

• Title: “Impersonate a GitHub App with its private key (JWT → installation access tokens)”
• Details:
  • Requirements (PEM private key, App ID)
  • JWT construction (...

✅ Review Checklist

• Content is technically accurate
• Formatting follows HackTricks style guidelines
• Links and references are working
• Content adds educational value
• No sensitive information is exposed

---

This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.

[carlospolop]

🔗 Additional Context

Original Blog Post: https://research.kudelskisecurity.com/2025/08/19/how-we-exploited-coderabbit-from-a-simple-pr-to-rce-and-write-access-on-1m-repositories/

Content Categories: Based on the analysis, this content was categorized under "Pentesting CI/CD > Github Security > GitHub Apps Impersonation (JWT & installation tokens) and CI-integrated Linters Abuse (Rubocop extensions) for Runner RCE".

Repository Maintenance:

• MD Files Formatting: 521 files processed

Review Notes:

• This content was automatically processed and may require human review for accuracy
• Check that the placement within the repository structure is appropriate
• Verify that all technical details are correct and up-to-date
• All .md files have been checked for proper formatting (headers, includes, etc.)

Bot Version: HackTricks News Bot v1.0