v1.3

TheBeastofwar · TheBeastofwar · commit 20cefafc74b5 · 2024-02-11T16:34:52.000+08:00
diff --git a/README.md b/README.md
@@ -4,9 +4,9 @@
 ### jdk版本
 在windows或linux使用jdk8的哪一个版本应该都可以,在macOS里需要jdk8u较高的版本,比如jdk8u321
 ### 外置payload
-从release下载windows_tools或linux_tools并放在与JenkinsExploit-GUI-*-SNAPSHOT.jar相同的目录,或者可以自行打包tools_source中的python源码文件
+从release下载windows_tools,linux_tools或macOS_tools并放在与JenkinsExploit-GUI-*-SNAPSHOT.jar相同的目录,或者可以自行打包tools_source中的python源码文件
 
-如果是linux的话需要对外置payload进行chmod +x 赋予权限
+如果是linux或macOS的话需要对外置payload进行chmod +x 赋予权限
 ![img.png](img/img.png)
 ![img_1.png](img/img_1.png)
 ### dnslog配置
@@ -33,9 +33,7 @@ bash -c {echo,Y....}|{base64,-d}|{bash,-i}
 ## 未完待续:
 - CVE-2016-9299 Jenkins ldap反序列化远程代码执行,添加poc
 - CVE-2017-1000353 无法检测的bug
-- 修复在macOS系统无法运行的bug
 - 继续尝试把外置的payload接入到java代码中
-- 添加macOS的外部payload
 - 添加批量检测功能
 ## 源码打包
 ```
diff --git a/pom.xml b/pom.xml
@@ -4,17 +4,17 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>org.example</groupId>
+    <groupId>fun.fireline</groupId>
     <artifactId>JenkinsExploit-GUI</artifactId>
-    <version>1.0-SNAPSHOT</version>
+    <packaging>jar</packaging>
+    <version>1.3-SNAPSHOT</version>
 
     <properties>
         <maven.compiler.source>8</maven.compiler.source>
         <maven.compiler.target>8</maven.compiler.target>
     </properties>
 
     <dependencies>
-
         <dependency>
             <groupId>com.jfoenix</groupId>
             <artifactId>jfoenix</artifactId>
@@ -48,34 +48,35 @@
             <artifactId>bcprov-jdk15on</artifactId>
             <version>1.68</version>
         </dependency>
-
     </dependencies>
 
     <build>
-        <finalName>JenkinsExploit-GUI-1.2-SNAPSHOT</finalName><!-- 导出jar的名字 -->
         <plugins>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-shade-plugin</artifactId>
-                <version>3.2.0</version>
+                <artifactId>maven-assembly-plugin</artifactId>
+                <version>3.3.0</version>
+                <configuration>
+                    <archive>
+                        <manifest>
+                            <mainClass>fun.fireline.AppStartUp</mainClass>
+                        </manifest>
+                    </archive>
+                    <descriptorRefs>
+                        <descriptorRef>jar-with-dependencies</descriptorRef>
+                    </descriptorRefs>
+                    <finalName>JenkinsExploit-GUI-1.3-SNAPSHOT</finalName>
+                </configuration>
                 <executions>
                     <execution>
+                        <id>make-assembly</id>
                         <phase>package</phase>
                         <goals>
-                            <goal>shade</goal>
+                            <goal>single</goal>
                         </goals>
-                        <configuration>
-                            <transformers>
-                                <transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
-                                    <mainClass>fun.fireline.AppStartUp</mainClass>
-                                </transformer>
-                            </transformers>
-                        </configuration>
                     </execution>
                 </executions>
             </plugin>
         </plugins>
     </build>
-
-
-</project>
+</project>
diff --git a/src/META-INF/MANIFEST.MF b/src/META-INF/MANIFEST.MF
@@ -0,0 +1,3 @@
+Manifest-Version: 1.0
+Main-Class: fun.fireline.AppStartUp
+
diff --git a/src/main/java/fun/fireline/AppStartUp.java b/src/main/java/fun/fireline/AppStartUp.java
@@ -34,14 +34,6 @@ public void handle(WindowEvent event) {
 
 
     public static void main(String[] args) {
-//        try {
-//            URL iconURL = AppStartUp.class.getClassLoader().getResource("img/sec.png");
-//            java.awt.Image image = new ImageIcon(iconURL).getImage();
-//            com.apple.eawt.Application.getApplication().setDockIconImage(image);
-//        } catch (Exception e) {
-//            // Won't work on Windows or Linux.
-//        }
-
         launch(args);
     }
 }
diff --git a/src/main/java/fun/fireline/controller/JenkinsController.java b/src/main/java/fun/fireline/controller/JenkinsController.java
@@ -41,11 +41,9 @@ public class JenkinsController extends MainController{
             "\tCVE-2019-1003000 Jenkins 远程代码执行 https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc\r\n"+
             "\tCVE-2019-1003005/CVE-2019-1003029 远程代码执行(Script Security Plugin沙箱绕过) https://github.com/orangetw/awesome-jenkins-rce-2019\r\n"+
             "\tCVE-2024-23897 Jenkins CLI 接口任意文件读取漏洞 https://github.com/vulhub/vulhub/blob/master/jenkins/CVE-2024-23897\r\n" +
-            "\t未完待续:\r\n"+
+            "未完待续:\r\n"+
             "\tCVE-2016-9299 Jenkins ldap反序列化远程代码执行,poc添加\r\n"+
             "\tCVE-2017-1000353无法显示的bug\r\n"+
-            "\t修复macOS上无法运行的bug\r\n"+
-            "\t添加macOS的外部payload\r\n"+
             "\t添加批量检测功能\r\n"+
             "\t继续尝试把外置的payload接入到java代码中\r\n\r\n"+
 
diff --git a/src/main/java/fun/fireline/controller/MainController.java b/src/main/java/fun/fireline/controller/MainController.java
@@ -31,16 +31,12 @@
 public class MainController  {
     public static  Logger logger = Logger.getLogger(MainController.class);
     @FXML
-    private MenuItem proxySetupBtn;
-    @FXML
     private MenuItem dnslogSetupBtn;
     @FXML
     private Label tool_name;
     @FXML
     private Label author;
     @FXML
-    private Label proxyStatusLabel;
-    @FXML
     private Label dnslogStatusLable;
     @FXML
     private VBox selectButton;      // 漏洞种类按钮
@@ -166,8 +162,4 @@ private void refreshPage(String page){
         }
     }
 
-    public void setProxyStatusLabel(String value) {
-        this.proxyStatusLabel.setText(value);
-    }
-
 }
diff --git a/src/main/java/fun/fireline/core/Constants.java b/src/main/java/fun/fireline/core/Constants.java
@@ -5,7 +5,7 @@ public class Constants {
 
     public static String NAME = "JenkinsExploit-GUI";
 
-    public static String VERSION = "v1.2";
+    public static String VERSION = "v1.3";
 
     public static String AUTHOR = "by initial";
 
@@ -26,7 +26,10 @@ public class Constants {
             "\t添加Jenkins指纹验证和版本获取功能,使得能够通过版本先匹配一下CVE\r\n"+
             "\t修复进行all检测后还得再次对特定的CVE进行检测的bug\r\n"+
             "v1.2\r\n"+
-            "\t可以配置dnslog.pw或ceye.io dnslog平台来进行自动化无回显命令执行或SSRF验证";
+            "\t可以配置dnslog.pw或ceye.io dnslog平台来进行自动化无回显命令执行或SSRF验证\r\n"+
+            "v1.3\r\n"+
+            "\t经过测试,发现macOS系统上的各种报错基本都是jdk版本的问题或者macOS的一些设置的问题,所以代码没有什么大的变化\r\n"+
+            "\t添加macOS的外部payload";
 
     public static String[] ENCODING = {
             "UTF-8",
diff --git a/src/main/java/fun/fireline/exp/jenkins/CVE_2018_1000600.java b/src/main/java/fun/fireline/exp/jenkins/CVE_2018_1000600.java
@@ -7,8 +7,6 @@
 import fun.fireline.tools.Response;
 
 import java.util.HashMap;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
 
 import static fun.fireline.tools.Tools.dnslog_verify;
 import static fun.fireline.tools.Tools.getRandomString;
diff --git a/src/main/java/fun/fireline/exp/jenkins/CVE_2019_1003000.java b/src/main/java/fun/fireline/exp/jenkins/CVE_2019_1003000.java
@@ -1,7 +1,6 @@
 package fun.fireline.exp.jenkins;
 
 import fun.fireline.core.ExploitInterface;
-import fun.fireline.exp.tools.dnslogSetting;
 import fun.fireline.tools.Jenkins_Info;
 
 import java.io.BufferedReader;
diff --git a/src/main/resources/fxml/Jenkins.fxml b/src/main/resources/fxml/Jenkins.fxml
@@ -2,14 +2,9 @@
 
 <?import com.jfoenix.controls.JFXButton?>
 <?import com.jfoenix.controls.JFXTabPane?>
-<?import javafx.scene.control.ChoiceBox?>
-<?import javafx.scene.control.Tab?>
-<?import javafx.scene.control.TextArea?>
-<?import javafx.scene.control.TextField?>
-<?import javafx.scene.layout.AnchorPane?>
-<?import javafx.scene.text.Font?>
-<?import javafx.scene.text.Text?>
-
+<?import javafx.scene.control.*?>
+<?import javafx.scene.layout.*?>
+<?import javafx.scene.text.*?>
 <AnchorPane prefHeight="647.0" prefWidth="1046.0" stylesheets="@../css/main.css" xmlns="http://javafx.com/javafx/8.0.171" xmlns:fx="http://javafx.com/fxml/1" fx:controller="fun.fireline.controller.JenkinsController">
 
    <children>
@@ -39,6 +34,7 @@
 
       <JFXTabPane layoutY="35.0" prefHeight="612.0" prefWidth="1048.0">
          <tabs>
+
             <Tab text="基本信息">
                <content>
                   <AnchorPane minHeight="0.0" minWidth="0.0" prefHeight="644.0" prefWidth="901.0">
@@ -51,6 +47,7 @@
                   </AnchorPane>
                </content>
             </Tab>
+
             <Tab text="文件读取/命令执行">
                <content>
                   <AnchorPane minHeight="0.0" minWidth="0.0" prefHeight="180.0" prefWidth="200.0">
@@ -69,6 +66,45 @@
                   </AnchorPane>
                </content>
             </Tab>
+
+<!--            <Tab text="批量检查">
+               <content>
+                  <AnchorPane minHeight="0.0" minWidth="0.0" prefHeight="180.0" prefWidth="200.0">
+                     <children>
+                        <ChoiceBox fx:id="thread" layoutX="66.0" layoutY="6.0" prefHeight="3.0" prefWidth="36.0" />
+                        <Text layoutX="19.0" layoutY="26.0" strokeType="OUTSIDE" strokeWidth="0.0" text="线程">
+                           <font>
+                              <Font size="15.0" />
+                           </font>
+                        </Text>
+                        <Button fx:id="import_file" layoutX="800.0" layoutY="5.0" mnemonicParsing="false" onAction="#get_execute_cmd" prefHeight="18.0" prefWidth="50.0" text="导入">
+                           <font>
+                              <Font size="15.0" />
+                           </font>
+                        </Button>
+                        <TextField fx:id="file_path" layoutX="129.0" layoutY="6.0" prefHeight="27.0" prefWidth="660.0" />
+                        <Text fx:id="time" layoutX="923.0" layoutY="24.0" strokeType="OUTSIDE" strokeWidth="0.0" text="用时    %s">
+                           <font>
+                              <Font size="15.0" />
+                           </font>
+                        </Text>
+                        <TableView fx:id="table_view" layoutY="40.0" prefHeight="524.0" prefWidth="1040.0">
+                           <columns>
+                              <TableColumn fx:id="id" prefWidth="57.0" text="序号" />
+                              <TableColumn fx:id="target" prefWidth="481.0" text="目标" />
+                              <TableColumn fx:id="isVul" prefWidth="500.0" text="是否存在漏洞" />
+                           </columns>
+                        </TableView>
+                        <Button fx:id="export_file" layoutX="860.0" layoutY="5.0" mnemonicParsing="false" onAction="#get_execute_cmd" prefHeight="18.0" prefWidth="50.0" text="导出">
+                           <font>
+                              <Font size="15.0" />
+                           </font>
+                        </Button>
+                     </children></AnchorPane>
+               </content>
+            </Tab>-->
+
+
          </tabs>
       </JFXTabPane>
 
diff --git a/src/main/resources/fxml/Main.fxml b/src/main/resources/fxml/Main.fxml
@@ -2,23 +2,12 @@
 
 <?import com.jfoenix.controls.JFXButton?>
 <?import javafx.geometry.Insets?>
+<?import javafx.scene.control.*?>
 <?import javafx.scene.Cursor?>
-<?import javafx.scene.control.Label?>
-<?import javafx.scene.control.Menu?>
-<?import javafx.scene.control.MenuBar?>
-<?import javafx.scene.control.MenuItem?>
-<?import javafx.scene.control.Separator?>
 <?import javafx.scene.image.Image?>
 <?import javafx.scene.image.ImageView?>
-<?import javafx.scene.layout.AnchorPane?>
-<?import javafx.scene.layout.ColumnConstraints?>
-<?import javafx.scene.layout.GridPane?>
-<?import javafx.scene.layout.HBox?>
-<?import javafx.scene.layout.RowConstraints?>
-<?import javafx.scene.layout.VBox?>
+<?import javafx.scene.layout.*?>
 <?import javafx.scene.text.Font?>
-
-<?import javafx.scene.layout.FlowPane?>
 <VBox maxHeight="-Infinity" maxWidth="-Infinity" minHeight="-Infinity" minWidth="-Infinity" prefHeight="697.0" prefWidth="1175.0" stylesheets="@../css/main.css" xmlns="http://javafx.com/javafx/8.0.171" xmlns:fx="http://javafx.com/fxml/1" fx:controller="fun.fireline.controller.MainController">
    <children>
       <MenuBar prefHeight="26.0" prefWidth="1081.0" VBox.vgrow="ALWAYS">

Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,3 @@`
	`1`	`+Manifest-Version: 1.0`
	`2`	`+Main-Class: fun.fireline.AppStartUp`
	`3`	`+`
Original file line number	Diff line number	Diff line change
`@@ -34,14 +34,6 @@ public void handle(WindowEvent event) {`
`34`	`34`
`35`	`35`
`36`	`36`	`public static void main(String[] args) {`
`37`		`-// try {`
`38`		`-// URL iconURL = AppStartUp.class.getClassLoader().getResource("img/sec.png");`
`39`		`-// java.awt.Image image = new ImageIcon(iconURL).getImage();`
`40`		`-// com.apple.eawt.Application.getApplication().setDockIconImage(image);`
`41`		`-// } catch (Exception e) {`
`42`		`-// // Won't work on Windows or Linux.`
`43`		`-// }`
`44`		`-`
`45`	`37`	`launch(args);`
`46`	`38`	`}`
`47`	`39`	`}`