BOOK THIS SPACE FOR AD
ARTICLE ADFeb 3
1 min read
Get the version numberJenkins basic information: https://cloud.hacktricks.xyz/pentesting-ci-cd/jenkins-security/basic-jenkins-informationListing other users(Requires access!) https://cloud.hacktricks.xyz/pentesting-ci-cd/jenkins-security/scm-ip-whitelisting-bypass#introductionTry to list plugins(Given that you are logged in and have the required permissions): https://stackoverflow.com/questions/9815273/how-to-get-a-list-of-installed-jenkins-plugins-with-name-and-version-pair https://www.jenkins.io/doc/book/security/managing-security/Default creds: Checklist default credentialsUnauthenticated enum: Checklist default credentialspwn_jenkins script to check for known exploits https://github.com/gquere/pwn_jenkinsSCM IP white list bypassing https://cloud.hacktricks.xyz/pentesting-ci-cd/jenkins-security/scm-ip-whitelisting-bypass#introduction