Exploiting Jenkins CVE-2024-23897: Remote Code Execution | Step-by-Step Tutorial

Поделиться
HTML-код
  • Опубликовано: 18 окт 2024
  • 🔐 Dive into the world of cybersecurity with our latest tutorial! In this video, we demonstrate the step-by-step process of replicating the Jenkins Remote Code Execution vulnerability, CVE-2024-23897. This critical security flaw poses a significant threat, and understanding how it works is crucial for securing your systems.
    🛠️ Tools Used:
    Nuclei: A powerful open-source tool for scanning and fingerprinting web applications.
    Vulhub:Vulhub is an open-source collection of pre-built vulnerable docker environments.
    📌 What You'll Learn:
    1️⃣ Setting Up Vulhub: Learn how to set up a vulnerable environment using Vulhub, creating a safe space to test and understand the exploit.
    2️⃣ Nuclei Template: Using nuclei template for CVE-2024-23897.
    3️⃣ Exploitation: Walkthrough on exploiting the vulnerability step-by-step, gaining remote code execution on the target Jenkins server.
    🚨 Important Note: This tutorial is for educational purposes only. Do not attempt to replicate these actions on any system without proper authorization. Ethical hacking is crucial for understanding and fortifying cybersecurity defenses.
    👍 If you found this tutorial helpful, don't forget to like, share, and subscribe! Stay tuned for more cybersecurity insights, tutorials, and hands-on demonstrations.
    🔗 Links:
    Nuclei GitHub Repository: github.com/pro...
    Vulhub GitHub Repository: github.com/vul...
    Please like and subscribe my channel for more videos related to various security topics: / @mrhardik05
    Check complete fuzzing playlist here: www.youtube.co...
    Follow me on twitter: / hardik05
    if you like my work, you can buy me a coffee here: www.buymeacoff...
    If you want to learn more about linux fuzzing then, checkout self Paced, paid fuzzing training here: fuzzing.podia....
    Intro & Outro Music by audionautix.com

Комментарии • 4

  • @Jack-gx8xn
    @Jack-gx8xn 8 месяцев назад +2

    Your setup looks fascinating. Any plan to recreate fuzzing videos? Would love to follow some fresh content tho old is gold.

  • @uttarkhandcooltech1237
    @uttarkhandcooltech1237 8 месяцев назад +1

    wowo sir nice to see ur video

Следующие
Автовоспроизведение
Microsoft Outlook CVE-2024-21413 Vulnerability: Protecting Your Credentials13:02Microsoft Outlook CVE-2024-21413 Vulnerability: Protecting Your Credentials
Microsoft Outlook CVE-2024-21413 Vulnerability: Protecting Your CredentialsFuzzing_in - Hardik Shah
Просмотров 2,1 тыс.
How hackers exploit XSS vulnerabilities to create admin accounts on your WordPress blog1:05How hackers exploit XSS vulnerabilities to create admin accounts on your WordPress blog
How hackers exploit XSS vulnerabilities to create admin accounts on your WordPress blogNinja Technologies Network
Просмотров 158 тыс.
3 Levels of WiFi Hacking22:123 Levels of WiFi Hacking
3 Levels of WiFi HackingNetworkChuck
Просмотров 2,1 млн
Liam Payne’s Girlfriend Kate Cassidy Explains Why She Left Argentina Days Before His Death | E! News02:22Liam Payne’s Girlfriend Kate Cassidy Explains Why She Left Argentina Days Before His Death | E! News
Liam Payne’s Girlfriend Kate Cassidy Explains Why She Left Argentina Days Before His Death | E! NewsE! News
Просмотров 226 тыс.
I LOST MY BROTHER | THE WORLD LOST A LEGEND | BUT NO ONE LOST AS MUCH AS HIS SWEET FAMILY16:12I LOST MY BROTHER | THE WORLD LOST A LEGEND | BUT NO ONE LOST AS MUCH AS HIS SWEET FAMILY
I LOST MY BROTHER | THE WORLD LOST A LEGEND | BUT NO ONE LOST AS MUCH AS HIS SWEET FAMILYThis Is How We Bingham
Просмотров 275 тыс.
BNS BABY SHOWER !!44:41BNS BABY SHOWER !!
BNS BABY SHOWER !!B N S
Просмотров 306 тыс.
OhGeesy x Lefty Gunplay - What It Iz [Official Music Video]02:51OhGeesy x Lefty Gunplay - What It Iz [Official Music Video]
OhGeesy x Lefty Gunplay - What It Iz [Official Music Video]OHGEESY
Просмотров 162 тыс.
Remote Command Execution Explained and Demonstrated!12:56Remote Command Execution Explained and Demonstrated!
Remote Command Execution Explained and Demonstrated!Loi Liang Yang
Просмотров 60 тыс.
17 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия Пешек12:4217 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия Пешек
17 Ходов ПЕШКАМИ Подряд!В Психбольнице ему ЗАПРЕТИЛИ Шахматы. Бессмертная Партия ПешекEclipse - Шахматы
Просмотров 469 тыс.
A Vulnerability to Hack The World - CVE-2023-486318:00A Vulnerability to Hack The World - CVE-2023-4863
A Vulnerability to Hack The World - CVE-2023-4863LiveOverflow
Просмотров 110 тыс.
Playing with Jenkins File Read [CVE-2024-23897]20:44Playing with Jenkins File Read [CVE-2024-23897]
Playing with Jenkins File Read [CVE-2024-23897]0xdf
Просмотров 3,4 тыс.
How To Hack The Internet by Will Thomas18:10How To Hack The Internet by Will Thomas
How To Hack The Internet by Will ThomasBushidoToken
Просмотров 898
Click with Caution: The Moniker Link Vulnerability (CVE-2024-21413) Exposed | Threat Snapshot16:39Click with Caution: The Moniker Link Vulnerability (CVE-2024-21413) Exposed | Threat Snapshot
Click with Caution: The Moniker Link Vulnerability (CVE-2024-21413) Exposed | Threat SnapshotSnapAttack
Просмотров 2 тыс.
BUG BOUNTY: UNDERSTAIND REMOTE CODE EXECUTION VULNERABILITIES #1- THE BASICS14:03BUG BOUNTY: UNDERSTAIND REMOTE CODE EXECUTION VULNERABILITIES #1- THE BASICS
BUG BOUNTY: UNDERSTAIND REMOTE CODE EXECUTION VULNERABILITIES #1- THE BASICSBePractical
Просмотров 5 тыс.
How I Found (And Patched) CVE-2024-2372411:30How I Found (And Patched) CVE-2024-23724
How I Found (And Patched) CVE-2024-23724Tyler Ramsbey || Hack Smarter
Просмотров 4 тыс.
Find and Exploit NoSQL Injection11:03Find and Exploit NoSQL Injection
Find and Exploit NoSQL InjectionThe Cyber Mentor
Просмотров 16 тыс.
Wildest 10 SECONDS OF HIS LIFE 🤯 @TomIsted00:14Wildest 10 SECONDS OF HIS LIFE 🤯 @TomIsted
Wildest 10 SECONDS OF HIS LIFE 🤯 @TomIstedRed Bull Bike
Просмотров 9 млн
“Хусури Ман 16” - качество оригинал 4К. Официально!1:15:00“Хусури Ман 16” - качество оригинал 4К. Официально!
“Хусури Ман 16” - качество оригинал 4К. Официально!Zamonavi Media
Просмотров 1,8 млн
Пряный осенний баббл чай00:44Пряный осенний баббл чай
Пряный осенний баббл чайКушать Хочу
Просмотров 962 тыс.
кто ваш любимчик из Гравити Фолз?🤔00:59кто ваш любимчик из Гравити Фолз?🤔
кто ваш любимчик из Гравити Фолз?🤔Dany Ku
Просмотров 432 тыс.
GAYAZOV$ BROTHER$ - Про Малиновую Ладу, фейковый голос и конкуренцию / Опять не Гальцев30:41GAYAZOV$ BROTHER$ - Про Малиновую Ладу, фейковый голос и конкуренцию / Опять не Гальцев
GAYAZOV$ BROTHER$ - Про Малиновую Ладу, фейковый голос и конкуренцию / Опять не ГальцевПлюшки
Просмотров 230 тыс.
Бывшая Кахи #непосредственнокаха00:20Бывшая Кахи #непосредственнокаха
Бывшая Кахи #непосредственнокахаК-Media
Просмотров 733 тыс.
Big or Small challenge 😂 Sour lemon gum or small nachos box? 🧐 #shorts Best video by Hmelkofm00:29Big or Small challenge 😂 Sour lemon gum or small nachos box? 🧐 #shorts Best video by Hmelkofm
Big or Small challenge 😂 Sour lemon gum or small nachos box? 🧐 #shorts Best video by HmelkofmHmelkofm
Просмотров 5 млн
Когда друг зашел домой за водой00:46Когда друг зашел домой за водой
Когда друг зашел домой за водойКЕРЯ
Просмотров 199 тыс.