Unauthenticated RCE Jenkins (CVE-2018-1000861)
#CVE-2018-1000861 #jenkins #rce #unauthenticated
Uma vulnerabilidade foi encontrada em Jenkins até 2.153/LTS 2.138.3. Foi declarada como crÃtico. O componente afetado é uma função desconhecida do ficheiro stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java do componente Stapler Web Framework.
No video mostro como executar o ataque e criamos um script em python para receber um shell reverso.
AVISO:
-------------------
O video foi realizado em um ambiente controlado. NUNCA execute ataques a outra infraestrutura que nao se tem permissao.
-------------------
CREDITOS:
-------------------
Music Promoted by Music & Gene at YouTube:
https://www.youtube.com/c/MusicGene
https://geniemindcreation.wixsite.com/genemusic
Music by MBB | https://soundcloud.com/mbbofficial
https://www.youtube.com/c/mbbmusic
https://www.instagram.com/mbb_music
Buy Music Licenses at www.mbb-music.com
---------------------
-
13:37
Exploring With Nug
6 hours agoSUV Found Underwater Searching For Missing Man Jerry Wilkins!
16.1K -
LIVE
xBuRnTx
1 hour ago1st Warzone Stream Online
423 watching -
6:10:21
JdaDelete
23 hours ago $1.32 earnedDino Crisis - Sega Saturday
19.3K1 -
23:22
MYLUNCHBREAK CHANNEL PAGE
1 day agoUnder The Necropolis - Pt 5
28K9 -
2:26:11
Jewels Jones Live ®
1 day agoWINNING BIGLY | A Political Rendezvous - Ep. 108
70K25 -
2:04:49
Bare Knuckle Fighting Championship
4 days agoBKFC FIGHT NIGHT MOHEGAN SUN FREE FIGHTS
22.9K1 -
25:09
BlackDiamondGunsandGear
4 hours agoYou NEED to be Training For Whats to Come
16.7K6 -
20:03
Sideserf Cake Studio
10 hours ago $0.78 earnedA HUNGRY HUNGRY HIPPOS CAKE THAT ACTUALLY WORKS?
20.8K5 -
23:51
marcushouse
11 hours ago $0.44 earnedStarship’s Next Move Is Coming Sooner Than You Think!
13.5K2 -
22:24
The Finance Hub
17 hours ago $3.12 earnedBREAKING: JOE ROGAN JUST DROPPED A MASSIVE BOMBSHELL!!!
17.1K13