Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/joesmithjaffa/jenkins-shell
Automating Jenkins Hacking using Shodan API
https://github.com/joesmithjaffa/jenkins-shell
hacking jenkins shodan shodan-api
Last synced: 22 days ago
JSON representation
Automating Jenkins Hacking using Shodan API
- Host: GitHub
- URL: https://github.com/joesmithjaffa/jenkins-shell
- Owner: joesmithjaffa
- License: apache-2.0
- Created: 2018-03-14T05:11:17.000Z (almost 7 years ago)
- Default Branch: master
- Last Pushed: 2018-03-24T19:40:12.000Z (over 6 years ago)
- Last Synced: 2024-08-05T17:32:38.803Z (4 months ago)
- Topics: hacking, jenkins, shodan, shodan-api
- Language: PHP
- Size: 20.5 KB
- Stars: 95
- Watchers: 6
- Forks: 19
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - joesmithjaffa/jenkins-shell - Automating Jenkins Hacking using Shodan API (PHP)
- awesome-ip-search-engines - Jenkins Shodan Shell
README
# Hacking Jenkins using Shodan API
## Requirements:
0. Works on any platform
1. PHP
2. Shodan API Key
3. PHP Curl## Usage
I have created 2 scripts for hacking jenkins in much easier way.
### Hacking jenkins involves 2 steps:
1. Execute **shodan.php** to get the list of all vulnerable jenkins URLs and on which user the jenkins is running
2. To execute shell commands on jenkins server, run **jenkins-cli.php**. This script will take care of the exploits. Just sit back and do whatever you want on shell### Note : To get the shell, jenkins has to be running on linux server
## Screenrecording
[![asciicast](https://asciinema.org/a/170411.png)](https://asciinema.org/a/170411)
## Screenshots
### Script 1
![Script 1](https://image.prntscr.com/image/pa_Z62uWQh_5W-k5BV0enQ.png)
### Script 2
![Script 2](https://image.prntscr.com/image/x7FnAGuGQfSSy7Kgp87W1g.png)