Tuesday, May 14, 2019
Minecraft Mod, Follow up, and Java Reflection
After yesterday's post , I received a ton of interesting and creative responses regarding how to get around the mod's restrictions w...
Monday, May 13, 2019
Minecraft Mod, Mother's Day, and A Hacker Dad
Over the weekend my wife was feeling under the weather. This meant we were stuck indoors and since she is sick and it's Mother's day...
Tuesday, March 5, 2019
Jenkins - CVE-2018-1000600 PoC
second exploit from the blog post https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Chained with CV...
Monday, March 4, 2019
Jenkins - messing with exploits pt3 - CVE-2019-1003000
References: https://www.exploit-db.com/exploits/46453 http://blog.orange.tw/2019/02/abusing-meta-programming-for-unauthenticated-rce.html...
Jenkins - Identify IP Addresses of nodes
While doing some research I found several posts on stackoverflow asking how to identify the IP address of nodes. You might want to know thi...
Thursday, February 28, 2019
Jenkins - decrypting credentials.xml
If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way...
Wednesday, February 27, 2019
Jenkins - SECURITY-180/CVE-2015-1814 PoC
Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-ap...
View web version