关联漏洞
Description
Jenkins Git Client RCE CVE-2019-10392_Exp
介绍
# CVE-2019-10392_EXP
Jenkins Git Client Authenticated RCE CVE-2019-10392_Exp
## Usage
```
usage: Jenkins Git Client < 2.8.2. [-h] -u TARGET [-U USERNAME] [-P PASSWORD]
[-i ITEM] [-I INTERACTIVE] [-c COMMAND]
optional arguments:
-h, --help show this help message and exit
-u TARGET, --target TARGET
Target.
-U USERNAME, --username USERNAME
This vulnerability need Jenkins username to login.
Default: admin
-P PASSWORD, --password PASSWORD
This vulnerability need Jenkins password to login.
Default: admin
-i ITEM, --item ITEM Jenkins program Name to establish.
-I INTERACTIVE, --interactive INTERACTIVE
Choose if you need a interactive shell(True or False).
Default: False
-c COMMAND, --command COMMAND
Command to execute. If not use interactive mode it's
required.
```
## Reference
https://iwantmore.pizza/posts/cve-2019-10392.html
https://misakikata.github.io/2019/09/CVE-2019-10392-Jenkins-2k19%E8%AE%A4%E8%AF%81%E8%BF%9C%E7%A8%8BRCE/
文件快照
[4.0K] /data/pocs/f957d151410928b86c06744bb8d4d8ad04e910a1
├── [5.4K] Jenkins Git RCE CVE-2019-10392.py
└── [1.2K] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮件到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对 POC 代码进行快照,为了长期维护,请考虑为本地 POC 付费/捐赠,感谢您的支持。