CVE-2024-43044 Analysis — RCE via File Read in Jenkins Through Agents | CTF导航
Common Information
Type Value
UUID 3905000e-d590-45db-bb97-25b43d48a3a8
Fingerprint d13f55307f0e371f
Analysis status DONE
Considered CTI value -2
Text language
Published Aug. 5, 2024, midnight
Added to db Aug. 31, 2024, 10:55 a.m.
Last updated Nov. 17, 2024, 11:40 p.m.
Headline CVE-2024-43044 Analysis — RCE via File Read in Jenkins Through Agents
Title CVE-2024-43044 Analysis — RCE via File Read in Jenkins Through Agents | CTF导航
Detected Hints/Tags/Attributes 22/1/54
Source URLs
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 426 CTF导航 https://www.ctfiot.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 15
cve-2024-43044
Details Domain 1
jenkin.security
Details Domain 2
hudson.remoting.channel
Details Domain 2
remoteclassloader.java
Details Domain 2
jarurlvalidatorimpl.java
Details Domain 24
build.sh
Details Domain 10
org.springframework.security
Details Domain 4128
github.com
Details Domain 13
www.jenkins.io
Details Domain 219
gist.github.com
Details Domain 27
hub.docker.com
Details Domain 1
naiwaen.debuggingsoft.com
Details Domain 71
www.openwall.com
Details Domain 1
inbound-agent.md
Details Domain 3
www.baeldung.com
Details File 2
s2m.jar
Details File 3
remoteclassloader.java
Details File 4
remoting.jar
Details File 2
jarurlvalidatorimpl.java
Details File 4
exploit.jar
Details File 31
pom.xml
Details File 8
users.xml
Details File 8
secret.key
Details File 7
master.key
Details File 2
security3430test.java
Details File 1
tokenbasedremembermeservices2.java
Details File 26
hub.doc
Details File 1
2022-05-28_201016.jpg
Details Github username 1
conisolabs
Details Github username 1
hudson
Details Github username 1
mtiennnnn
Details Github username 3
jenkinsci
Details Github username 19
advisories
Details sha1 1
203b6a6c851697e83aefc37d1812bfde06390bfe
Details sha256 2
b55d9b7fede47864572f4d0830a564a83ae78a4f297c1178b7f55601784f645c
Details Mandiant Temporary Group Assumption 2
TEMP.GETCLASS
Details Url 2
http://attacker/exploit.jar
Details Url 1
https://github.com/conisolabs/cve-2024-43044-jenkins
Details Url 1
https://www.jenkins.io/security/advisory/2024-08-07/#security
Details Url 1
https://www.jenkins.io/security/advisory/2024-01-24/#security
Details Url 1
https://www.jenkins.io/doc/book/using/using-agents
Details Url 1
https://www.jenkins.io/projects/remoting
Details Url 1
https://github.com/hudson/www
Details Url 1
https://gist.github.com/mtiennnnn/551b7320c064db02aad815c6bdb91d9
Details Url 1
https://github.com/jenkinsci/jenkins/blob/203b6a6c851697e83aefc37d1812bfde06390bfe/test/src/test/java/jenkins/security/security3430test.java#l244
Details Url 1
https://github.com/jenkinsci/jenkins/blob/jenkins-2.470/core/src/main/java/hudson/security/tokenbasedremembermeservices2.java#l174
Details Url 1
https://hub.docker.com/r/jenkins/jenkins
Details Url 1
https://www.jenkins.io/doc/book/managing/system-properties
Details Url 1
https://naiwaen.debuggingsoft.com/blog/wp-content/uploads/2022/06/2022-05-28_201016.jpg
Details Url 1
https://github.com/advisories/ghsa-h856-ffvv-xvr4
Details Url 1
https://www.jenkins.io/doc/book/security/controller-isolation/#agent
Details Url 7
https://www.openwall.com/john
Details Url 1
https://github.com/jenkinsci/remoting/blob/master/docs/inbound-agent.md
Details Url 1
https://www.baeldung.com/java-instrumentation