Awesome
Hacking Jenkins using Shodan API
Requirements:
- Works on any platform
- PHP
- Shodan API Key
- PHP Curl
Usage
I have created 2 scripts for hacking jenkins in much easier way.
Hacking jenkins involves 2 steps:
- Execute shodan.php to get the list of all vulnerable jenkins URLs and on which user the jenkins is running
- To execute shell commands on jenkins server, run jenkins-cli.php. This script will take care of the exploits. Just sit back and do whatever you want on shell