February 26, 2019

Jenkins – messing with new exploits pt1

Jenkins notes for:https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.htmlhttp://blog.orange.tw/2019/02/abusing-meta-programming-for-unauthenticated-rce.htmlto download old jenkins WAR fileshttp://updates.jenkins-ci.org/download/war/1st bug in the blog is a username enumeration bug in Jenkins weekly up to and including 2.145 Jenkins […]
February 27, 2019

Jenkins – messing with exploits pt2 – CVE-2019-1003000

After the release of Orange Tsai’s exploit for Jenkins. I’ve been doing some poking. PreAuth RCE against Jenkins is something everyone wants.While not totally related to […]
February 27, 2019

Jenkins Master Post

A collection of posts on attacking Jenkins http://www.labofapenetrationtester.com/2014/08/script-execution-and-privilege-esc-jenkins.htmlManipulating build steps to get RCEhttps://medium.com/@uranium238/shodan-jenkins-to-get-rces-on-servers-6b6ec7c960e2Using the terminal plugin to get RCEhttps://sharadchhetri.com/2018/12/02/managing-jenkins-plugins/Getting started with Jenkins Pluginshttps://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.htmlVulns in Pipeline: Declarative […]
February 27, 2019

Jenkins – SECURITY-200 / CVE-2015-5323 PoC

API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t […]