Author: Alton Johnson

Automating Jenkins Command Execution

Almost two years ago, Royce Davis (@r3dy__) published an article about leveraging a Jenkins application, which contained no password, to successfully compromise a system on an organization’s internal network environment. This was accomplished by using a functionality within the application to execute operating system commands. You can find more information about this post here: https://www.pentestgeek.com/penetration-testing/hacking-jenkins-servers-with-no-password/. To… Read more »