jenkins-login: Jenkins Login Detected

漏洞描述

PoC代码[已公开]

id: jenkins-login

info:
  name: Jenkins Login Detected
  author: pdteam
  severity: info
  verified: true
  description: |-
    Jenkins is an open source automation server.
  reference:
    - https://www.jenkins.io/doc/book/security/
  tags: jenkins,login,panel,default,admin,credentials
  created: 2023/06/17

rules:
  r0:
    request:
      method: GET
      path: /login
    expression: |
      response.status == 200 && 
      (response.body.ibcontains(b'Sign in [Jenkins]') ||
      response.body.ibcontains(b'<title>登录 [Jenkins]</title>'))
expression: r0()

相关漏洞推荐

• 仓储系统和物流管理系统Login_SX.ashx 存在SQL注入漏洞
• POC 深圳勤杰软件有限公司勤杰DHR数智人力资源共享平台ScanLogin.ashx loginId参数存在SQL注入
• （CVE-2023-53878）Member Login Script 3.3客户端去同步漏洞
• 用友BIP LoginWithV8 登录绕过漏洞
• 锁群管理系统 /inc/CheckLogin.aspx 默认口令漏洞
• POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
• POC redis-commander-default-login: Redis Commander - Default Login
• POC traggo-default-login: Traggo - Default Login
• POC cluster-trino-admin-login: Cluster Overview Trino - Admin Login
• POC 用友BIP数据应用服务 /bi/api/Portal/LoginWithV8 信息泄露漏洞
• POC openwebui-default-login: Open WebUI - Default Login
• POC vtigercrm-default-login: Vtiger CRM - Default Login
• POC wp-security-hidden-login-exposure: WordPress All-in-One Security <=4.4.1 - Hidden Login Page Exposure