v1.0

Author: TheBeastofwar

.idea/.gitignore

@@ -0,0 +1,33 @@
+# JenkinsExploit-GUI
+![img.png](img/img.png)
+# 使用
+从release下载windows_tools或linux_tools并放在与JenkinsExploit-GUI-*-SNAPSHOT.jar相同的目录
+![img_1.png](img/img_1.png)
+或者可以自行打包tools_source中的python源码文件
+# 支持检测:
+- CVE-2015-8103/CVE-2016-0788 Jenkins 反序列化远程代码执行 https://github.com/Medicean/VulApps/tree/master/j/jenkins/1
+- CVE-2016-0792 Jenkins XStream反序列化远程代码执行 https://github.com/jpiechowka/jenkins-cve-2016-0792
+- CVE-2017-1000353 Jenkins-CI 远程代码执行漏洞 https://github.com/vulhub/CVE-2017-1000353
+- CVE-2018-1000600 Jenkins GitHub SSRF+信息泄露
+- CVE-2018-1000861 Jenkins 绕过Groovy沙盒未授权命令执行漏洞 https://github.com/orangetw/awesome-jenkins-rce-2019
+- CVE-2018-1999002 Jenkins 任意文件读取 https://mp.weixin.qq.com/s/MOKeN1qEBonS8bOLw6LH_w
+- CVE-2019-1003000 Jenkins 远程代码执行 https://github.com/adamyordan/cve-2019-1003000-jenkins-rce-poc
+- CVE-2019-1003005/CVE-2019-1003029 远程代码执行(Script Security Plugin沙箱绕过) https://github.com/orangetw/awesome-jenkins-rce-2019
+- CVE-2024-23897 Jenkins CLI 接口任意文件读取漏洞 https://github.com/vulhub/vulhub/blob/master/jenkins/CVE-2024-23897
+# 未完待续:
+- CVE-2016-9299 Jenkins ldap反序列化远程代码执行
+- 修复进行all检测后还得在单独检测CVE的bug
+- 再添加一个dnslog的api设置,使得能够自动化检测无回显的命令执行
+- 添加获取Jenkins版本的功能
+- 继续尝试把外置的payload接入到java代码中
+# 源码打包
+```
+mvn clean package -DskipTests
+zip -d  JenkinsExploit-GUI-*-SNAPSHOT.jar target/'META-INF/*.SF' 'META-INF/*.RSA' 'META-INF/*DSA'
+```
+# Bug反馈
+https://github.com/thebeastofwar/JenkinsExploit-GUI 提交issues
+# 开发日志
+## V1.0 
+以yhy0师傅的模板项目 https://github.com/yhy0/ExpDemo-JavaFX 为模板,写出了jenkins综合漏洞利用工具
+部分python的poc还未转成java代码接入到工具中,就打包成可执行文件

.idea/artifacts/JenkinsExploit_GUI_jar.xml

@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>org.example</groupId>
+    <artifactId>JenkinsExploit-GUI</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <properties>
+        <maven.compiler.source>8</maven.compiler.source>
+        <maven.compiler.target>8</maven.compiler.target>
+    </properties>
+
+    <dependencies>
+
+        <dependency>
+            <groupId>com.jfoenix</groupId>
+            <artifactId>jfoenix</artifactId>
+            <version>8.0.10</version>
+        </dependency>
+
+        <!-- https://mvnrepository.com/artifact/com.alibaba/fastjson -->
+        <dependency>
+            <groupId>com.alibaba</groupId>
+            <artifactId>fastjson</artifactId>
+            <version>1.2.78</version>
+        </dependency>
+
+        <!-- log4j support -->
+        <dependency>
+            <groupId>log4j</groupId>
+            <artifactId>log4j</artifactId>
+            <version>1.2.17</version>
+        </dependency>
+
+        <!--CVE-2017-1000353 support-->
+        <dependency>
+            <groupId>com.offbytwo.jenkins</groupId>
+            <artifactId>jenkins-client</artifactId>
+            <version>0.3.8</version>
+        </dependency>
+
+        <!--CVE-2016-9299 support-->
+        <dependency>
+            <groupId>org.bouncycastle</groupId>
+            <artifactId>bcprov-jdk15on</artifactId>
+            <version>1.68</version>
+        </dependency>
+
+    </dependencies>
+
+    <build>
+        <finalName>JenkinsExploit-GUI-1.0-SNAPSHOT</finalName><!-- 导出jar的名字 -->
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-shade-plugin</artifactId>
+                <version>3.2.0</version>
+                <executions>
+                    <execution>
+                        <phase>package</phase>
+                        <goals>
+                            <goal>shade</goal>
+                        </goals>
+                        <configuration>
+                            <transformers>
+                                <transformer implementation="org.apache.maven.plugins.shade.resource.ManifestResourceTransformer">
+                                    <mainClass>fun.fireline.AppStartUp</mainClass>
+                                </transformer>
+                            </transformers>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+        </plugins>
+    </build>
+
+
+</project>

.idea/compiler.xml

@@ -0,0 +1,47 @@
+package fun.fireline;
+
+import javafx.application.Application;
+import javafx.event.EventHandler;
+import javafx.fxml.FXMLLoader;
+import javafx.scene.Parent;
+import javafx.scene.Scene;
+import javafx.scene.image.Image;
+import javafx.stage.Stage;
+import javafx.stage.WindowEvent;
+
+
+public class AppStartUp extends Application {
+
+    @Override
+    public void start(Stage primaryStage) throws Exception{
+        Parent root = FXMLLoader.load(getClass().getClassLoader().getResource("fxml/Main.fxml"));
+        primaryStage.setTitle("JenkinsExploit-GUI");
+        primaryStage.setScene(new Scene(root));
+        // 退出程序的时候，子线程也一起退出
+        primaryStage.setOnCloseRequest(new EventHandler<WindowEvent>() {
+            @Override
+            public void handle(WindowEvent event) {
+                System.exit(0);
+            }
+        });
+        //设置窗口不可拉伸
+        primaryStage.setResizable(false);
+
+        primaryStage.getIcons().add(new Image(getClass().getClassLoader().getResource("img/sec.png").toString()));
+
+        primaryStage.show();
+    }
+
+
+    public static void main(String[] args) {
+//        try {
+//            URL iconURL = AppStartUp.class.getClassLoader().getResource("img/sec.png");
+//            java.awt.Image image = new ImageIcon(iconURL).getImage();
+//            com.apple.eawt.Application.getApplication().setDockIconImage(image);
+//        } catch (Exception e) {
+//            // Won't work on Windows or Linux.
+//        }
+
+        launch(args);
+    }
+}