Jenkins – Identify IP Addresses of nodes
While doing some research I found several posts on stackoverflow asking how to identify the IP address of nodes. You might want to know this if you read the decrypting…
Jenkins – Identify IP Addresses of nodes
While doing some research I found several posts on stackoverflow asking how to identify the IP address of nodes. You might want to know this if you read the decrypting…
Episode-2393- Listener Feedback for 3-4-19
Today on The Survival Podcast I take your questions on business, the census, guns, monetizing skills, grapes, health, gardening, mulching, plant propagation, CBD oils, generators and more. Make sure if…
TSP Spring Pond Building Workshop – Two Spots Left
Well for once a workshop didn’t sell out right away. We still have a few spots open. The workshop is now open to any and all. You can sign up…
Criminal Immigrants in 2017: Their Numbers, Demographics, and Countries of Origin
For all the bluster about immigration, the idea that immigrants pose a unique crime problem still doesn't show up in the data. Alex Nowrasteh discusses his new paper. Hosted on…
Criminal Immigrants in 2017: Their Numbers, Demographics, and Countries of Origin
For all the bluster about immigration, the idea that immigrants pose a unique crime problem still doesn't show up in the data. Alex Nowrasteh discusses his new paper. Hosted on…
Spring Pond Building Workshop Now Open for Registration
The link to sign up for the April 2019 Spring Workshop is now in the main page of your MSB account. Just login to your MSB account and you will…
Episode-2392- Expert Council Q&A for 3-1-19
Today its Friday so it’s time for the expert council show. To ask a question for a show like this, just send an email to me at jack at thesurvivalpodcast.com…
Customs and Border Patrol in the “Constitution-Free Zone”
What grants border patrol agents more invasive powers in a 100-mile wide band around the edges of the United States? Chris Montoya is a former longtime Customs and Border Patrol…
Customs and Border Patrol in the “Constitution-Free Zone”
What grants border patrol agents more invasive powers in a 100-mile wide band around the edges of the United States? Chris Montoya is a former longtime Customs and Border Patrol…
Medicare at 50 Would Double Down on Failure
A new proposal would expand Medicare to include Americans as young as 50. It's a throw-money-at-it solution to problems largely caused by government intervention in health care, according to Cato’s…
Medicare at 50 Would Double Down on Failure
A new proposal would expand Medicare to include Americans as young as 50. It's a throw-money-at-it solution to problems largely caused by government intervention in health care, according to Cato’s…
Episode-2391- Listener Calls for 2-28-19
Today on The Survival Podcast I take your phone calls on beef, reloading, soils, fish, guns, ducks, winter weather, land and more. Remember to be on a show like this…
Jenkins – decrypting credentials.xml
If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way: hashed_pw='$PASSWORDHASH' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd) You…
Jenkins – decrypting credentials.xml
If you find yourself on a Jenkins box with script console access you can decrypt the saved passwords in credentials.xml in the following way: hashed_pw='$PASSWORDHASH' passwd = hudson.util.Secret.decrypt(hashed_pw) println(passwd) You…
Jenkins – SECURITY-180/CVE-2015-1814 PoC
Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change Affected Versions All Jenkins releases <= 1.605 All LTS releases <= 1.596.1 P...
Jenkins – SECURITY-180/CVE-2015-1814 PoC
Forced API token change SECURITY-180/CVE-2015-1814 https://jenkins.io/security/advisory/2015-03-23/#security-180cve-2015-1814-forced-api-token-change Affected Versions All Jenkins releases <= 1.605 All LTS releases <= 1.596.1 P...
Jenkins – SECURITY-200 / CVE-2015-5323 PoC
API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t implicitly grant RunScripts permission…
Jenkins – SECURITY-200 / CVE-2015-5323 PoC
API tokens of other users available to admins SECURITY-200 / CVE-2015-5323 API tokens of other users were exposed to admins by default. On instances that don’t implicitly grant RunScripts permission…
Jenkins Master Post
A collection of posts on attacking Jenkins http://www.labofapenetrationtester.com/2014/08/script-execution-and-privilege-esc-jenkins.html Manipulating build steps to get RCE https://medium.com/@uranium238/shodan-jenkins-to-get-rces-on-servers-6b6e...
Jenkins Master Post
A collection of posts on attacking Jenkins http://www.labofapenetrationtester.com/2014/08/script-execution-and-privilege-esc-jenkins.html Manipulating build steps to get RCE https://medium.com/@uranium238/shodan-jenkins-to-get-rces-on-servers-6b6ec7c960e2 Using the terminal plugin to get RCE https://sharadchhetri.com/2018/12/02/managing-jenkins-plugins/ Getting started with Jenkins Plugins https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Vulns…
Episode-2390- Blair Wirkkala on CBD Oil and the Endocannabinoid System
Blair is a wellness oriented RN. Beyond her experience as a registered nurse, she has worked as a health and physical educator, an exercise physiologist, personal trainer, and nutrition consultant.…
Jenkins – messing with exploits pt2 – CVE-2019-1003000
After the release of Orange Tsai's exploit for Jenkins. I've been doing some poking. PreAuth RCE against Jenkins is something everyone wants. While not totally related to the blog post…
Jenkins – messing with exploits pt2 – CVE-2019-1003000
After the release of Orange Tsai's exploit for Jenkins. I've been doing some poking. PreAuth RCE against Jenkins is something everyone wants. While not totally related to the blog post…