jenkins to meterpreter toying with powersploit

Recently I came across a few Jenkins continuous integration servers. A relatively old version I might add but that fact was not important. What was important though was the fact that it was not configured to be ‘secure’. Right out of the box Jenkins does not require any authentication to make use of it. In fact, it seems like its almost plug and play. ...

May 27, 2015 · 5 min · Leon Jacobs