News Reporter

April 11, 2019

Threat Alert: Recent DDG Updates (v3021/v3022)

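1. Overview: DDG is a botnet that focuses on scanning for and taking control of SSH ports, Redis databases and OrientDB database servers, and on seizing the servers' computing power to mine cryptocurrency (Monero). We first detected the DDG botnet on October 25, 2017, and published a technical analysis report. DDG has since released several new versions, which we have tracked and analyzed in a series of reports. The reports are listed below, and the full list is available here: "DDG.Mining.Botnet: A Mining Botnet Targeting Database Servers"; "DDG.Mining.Botnet: Analysis of Recent Activity"; "Zombies Never Die, DDG Refuses to Wither" […]

March 5, 2019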

Jenkins – CVE-2018-1000600 PoC

Second exploit from the blog post https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Chained with CVE-2018-1000600 to a Pre-auth Fully-responded SSRF https://jenkins.io/security/advisory/2018-06-25/#SECURITY-915 This affects the GitHub plugin that is installed by default. However, I learned that when […]

March 5, 2019

Jenkins – messing with exploits pt3 – CVE-2019-1003000

References: https://www.exploit-db.com/exploits/46453 http://blog.orange.tw/2019/02/abusing-meta-programming-for-unauthenticated-rce.html This post covers the Orange Tsai Jenkins pre-auth exploit. Vuln versions: Jenkins < 2.137 (preauth); Pipeline: Declarative Plugin up to and including 1.3.4; Pipeline: Groovy Plugin up to and […]

March 5, 2019

Jenkins – Identify IP Addresses of nodes

While doing some research I found several posts on Stack Overflow asking how to identify the IP address of nodes. You might want to know this if […]