Penetration Testing on Technological Platforms - Jenkins

In the previous chapters, we looked at how to exploit JBoss and Apache Tomcat. In this chapter, we will look at Jenkins. Jenkins is a popular tool that's used to automate the non-human part of the software development process. In a Business-to-Consumer (B2C) model, where a company provides services such as e-payment, e-commerce, online mobile and dish recharge plans, and so on to consumers, the developers carry a significant load. Because of the frequent updates to the staging and production servers, the environment becomes complicated for the developers. To work more efficiently on software updates and launch them on time, a company will opt to use a platform engine to pipeline the updates and manage them with ease.

Jenkins is one such platform engine. It handles the deployment and management of source code that needs to be deployed on different servers at different times of the day. Since Jenkins handles sensitive information when it manages the source code for a company, it is a hot target for those who are focused on industrial cyber-espionage. Once a threat actor gains access to the Jenkins platform, they can access the source code (blueprints) of the services that are being offered by the organization.

As penetration testers, we have to make sure the client's organization has instances such as Jenkins fully patched. In this chapter, we will explore the following topics:

Let's get started!