Add to Favorites | Login | Register
Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

About us Contact us

Jenkins unauthorized access-arbitrary command execution

2025-04-11 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Share

Shulou(Shulou.com)06/01 Report--

Unauthorized access to jenkins-introduction to 0x00 jenkins for arbitrary command execution

Enkins is a powerful application that allows continuous integration and continuous delivery of projects, regardless of platform. This is a free source code that can handle any type of build or continuous integration. Integrated Jenkins can be used for some testing and deployment technologies. Jenkins is a piece of software that allows continuous integration.

Reasons for 0x01 vulnerabilities

Jenkins does not set the account password, or uses a weak account password

Recurrence of 0x02 vulnerabilities

By default, users in the Jenkins panel can choose to execute script interface to operate some system-level commands. Users can obtain server permissions through unauthorized access vulnerabilities or brute force cracking of user passwords into the script execution interface.

Any command execution interface:

Http://ip:port/script

Println "ifconfig". Execute (). Text

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Tag Search: Commands passwords vulnerabilities interfaces users scripts accounts powerful functional powerful reasons platforms applications situations technology violence servers permissions source code programs vpn macOS Linux MariaDB MySQL Docker Shulou Information Shulou Technology Shulou Tech Info OPPO Reno Redmi Xiaomi NVidia Microsoft Huawei Apple vpn macOS Redmi Docker MySQL NVidia Linux MariaDB Shulou Tech Info Shulou Technology Xiaomi OPPO Reno Microsoft Apple Huawei Shulou Information vpn macOS Redmi Docker MySQL NVidia Linux MariaDB Shulou Tech Info Shulou Technology Xiaomi OPPO Reno Microsoft Apple Huawei Shulou Information

Share To

Related

Network Security

More Network Security >

Latest Network Security More Network Security >

Latest Internet Technology More Internet Technology >

Latest Development More Development >

Latest Database More Database >

Latest Servers More Servers >

Latest Mobile Phone More Mobile Phone >

Latest Android Software More Android Software >

Latest Apple Software More Apple Software >

Latest Computer Software News More Computer Software News >

Latest IT Information More IT Information >

Wechat

About us Contact us Product review car news thenatureplanet

© 2024 shulou.com SLNews company. All rights reserved.

12
Report