Jenkins
Discovery/Footprinting
Jenkins runs on Tomcat port 8080 by default. It also utilizes port 5000 to attach slave servers.
Enumeration
http://jenkins.inlanefreight.local:8000/configureSecurity/
http://jenkins.inlanefreight.local:8000/login?from=%2F
Default credentials such as admin:admin
or does not have any type of authentication enabled. It is not uncommon to find Jenkins instances that do not require any authentication during an internal penetration test
Script Console
Linux
http://jenkins.inlanefreight.local:8000/script
Windows
Reverse Shell
Linux
Metasploit
msf > use exploit/multi/http/jenkins_script_console
Windows
References
Last updated