Approximately half a year ago, I stumbled upon a bug in an internal GitHub API that allowed me to manipulate the API into signing commits as any user. This meant that I could create a commit that GitHub recognizes as signed and that is attributed to a user I had no control over.

To understand how this was possible, let's look at how Git commit signing actually works. Git commits are stored in a custom text-based object format: a block of headers (tree, parent, author, committer), a blank line, and the commit message. A signed commit carries an additional gpgsig header that holds the signature. When a commit is created on GitHub.com, it is signed with GitHub's web-flow GPG key and has a committer of GitHub. So if an internal endpoint can be tricked into signing commit data we supply, we can forge commits that GitHub recognizes as signed.

I gained insight into the inner workings of GitHub by deobfuscating the Ruby source code on a downloaded GitHub Enterprise Server trial VM. One interesting endpoint I discovered was /vscs_internal/commit/sign, which could be used to obtain a signature for arbitrary raw commit data supplied by the caller. The endpoint's verification step validated the author line of the commit data with a regex pattern. That regex, however, failed to match author lines with a 0-length name. Supplying such a line bypassed the check and allowed us to create GitHub-signed commits with any desired author name.
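The following Ruby script is an added example, not code from the post or from GitHub; Ruby is used because the endpoint was found in GitHub's Ruby code base. It builds and parses raw commit objects in the header/blank-line/message format described above (including the multi-line gpgsig header), computes the object id the way git does, and then contrasts two identity checks in front of a signing step. The regex `AUTHOR_RE`, the assumption that a non-matching line is treated as "nothing to check", the `sign_endpoint` function, the placeholder signature block, the e-mail addresses and the timestamp are all constructed for this example; only the object layout and git's ident parsing rules (name up to the first `<`, email up to the next `>`) are taken from git itself. The hardened variant goes beyond the post by parsing the ident the way git will and failing closed on anything it cannot parse.

```ruby
require 'digest'

# Added example (not GitHub's code). Models the commit object format and a
# regex identity check that fails open on a zero-length author name.

# Raw git commit object: headers, blank line, message. A signed commit carries a
# multi-line "gpgsig" header; each continuation line begins with one space.
def build_commit(tree:, parents: [], author:, committer:, message:, gpgsig: nil)
  lines = ["tree #{tree}"]
  parents.each { |p| lines << "parent #{p}" }
  lines << "author #{author}"
  lines << "committer #{committer}"
  if gpgsig
    sig = gpgsig.lines.map(&:chomp)
    lines << "gpgsig #{sig.first}"
    sig.drop(1).each { |l| lines << " #{l}" }
  end
  (lines + ["", message]).join("\n")
end

# Inverse of build_commit: multi-line headers are re-joined from continuation lines.
def parse_commit(raw)
  header, message = raw.split("\n\n", 2)
  commit = { parents: [], message: message }
  key = nil
  header.each_line(chomp: true) do |line|
    if line.start_with?(" ") && key
      commit[key] = "#{commit[key]}\n#{line[1..]}"
    else
      k, v = line.split(/ /, 2)          # regex split keeps a leading space in v
      key = k.to_sym
      k == "parent" ? commit[:parents] << v : commit[key] = v
    end
  end
  commit
end

# Object id exactly as git computes it: SHA-1 over "commit <size>\0<raw>".
def commit_oid(raw)
  Digest::SHA1.hexdigest("commit #{raw.bytesize}\0#{raw}")
end

# Hypothetical regex check (an assumption, not the regex the post found): the name
# group needs at least one character, so "author  <email> ..." never matches.
AUTHOR_RE = /\A(?<name>.+) <(?<email>[^>]*)> (?<time>\d+) (?<tz>[+-]\d{4})\z/

def vulnerable_sign_allowed?(raw, caller_email)
  m = AUTHOR_RE.match(parse_commit(raw)[:author].to_s)
  return true if m.nil?   # BUG (assumed): an unparseable line means "nothing to check"
  m[:email] == caller_email
end

# How git's split_ident_line reads an ident: name runs up to the first '<'
# (trailing whitespace dropped), email up to the next '>', the rest is the date.
def git_split_ident(ident)
  lt = ident.index('<')
  gt = lt && ident.index('>', lt)
  return nil unless gt
  { name: ident[0...lt].rstrip, email: ident[(lt + 1)...gt], rest: ident[(gt + 1)..].strip }
end

# Hardened check: parse the way git will, fail closed on anything unparseable,
# reject an empty name, and bind the email to the authenticated caller.
def hardened_sign_allowed?(raw, caller_email)
  ident = parse_commit(raw)[:author]
  parts = ident && git_split_ident(ident)
  return false if parts.nil? || parts[:name].empty?
  return false unless parts[:rest].match?(/\A\d+ [+-]\d{4}\z/)
  parts[:email] == caller_email
end

# Stand-in signature: the real endpoint attaches an OpenPGP signature from the
# web-flow key; a fixed block keeps this runnable offline and shows the layout.
PLACEHOLDER_SIG = "-----BEGIN PGP SIGNATURE-----\n\nplaceholder\n-----END PGP SIGNATURE-----"

# Hypothetical signing endpoint: run the chosen check, then re-emit the object
# with the gpgsig header inserted between the committer header and the message.
def sign_endpoint(raw, caller_email, check)
  return nil unless send(check, raw, caller_email)
  c = parse_commit(raw)
  build_commit(tree: c[:tree], parents: c[:parents], author: c[:author],
               committer: c[:committer], message: c[:message], gpgsig: PLACEHOLDER_SIG)
end

# Constructed sample data.
EMPTY_TREE = "4b825dc642cb6eb9a060e54bf8d69288fbee4904"    # git's well-known empty tree
WEB_FLOW   = "GitHub <noreply@github.com> 1700000000 +0000" # committer shape of web commits
ATTACKER   = "attacker@example.com"
VICTIM     = "victim@example.com"

HONEST_RAW = build_commit(tree: EMPTY_TREE, author: "Mallory <#{ATTACKER}> 1700000000 +0000",
                          committer: WEB_FLOW, message: "honest commit\n")
# Zero-length name: the author line becomes "author  <victim@example.com> ...".
FORGED_RAW = build_commit(tree: EMPTY_TREE, author: " <#{VICTIM}> 1700000000 +0000",
                          committer: WEB_FLOW, message: "forged commit\n")

if $PROGRAM_NAME == __FILE__
  puts "git sees forged author email: #{git_split_ident(parse_commit(FORGED_RAW)[:author])[:email]}"
  puts "vulnerable check signs forged commit: #{!sign_endpoint(FORGED_RAW, ATTACKER, :vulnerable_sign_allowed?).nil?}"
  puts "hardened check signs forged commit:   #{!sign_endpoint(FORGED_RAW, ATTACKER, :hardened_sign_allowed?).nil?}"
end
```

Running it shows the two parsers disagreeing: the regex sees nothing it can validate in the forged author line, while git reads the same line as an empty name with the victim's e-mail, which is what the commit will be attributed to once it carries a valid signature. The fix is not a better regex but parsing the ident by the same rules git applies and refusing to sign whenever that parse fails or the e-mail does not belong to the caller.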
https://iter.ca/post/gh-sig-pwn/