Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.
Path: blob/master/modules/auxiliary/scanner/jenkins/jenkins_udp_broadcast_enum.rb
Views: 11783
##1# This module requires Metasploit: https://metasploit.com/download2# Current source: https://github.com/rapid7/metasploit-framework3##45class MetasploitModule < Msf::Auxiliary6include Msf::Exploit::Remote::Udp7include Msf::Auxiliary::Report89def initialize(info = {})10super(11update_info(12info,13'Name' => 'Jenkins Server Broadcast Enumeration',14'Description' => %q(15This module sends out a udp broadcast packet querying for16any Jenkins servers on the local network.17Be advised that while this module does not identify the18port on which Jenkins is running, the default port for19Jenkins is 8080.20),21'Author' =>22[23'Adam Compton <[email protected]>',24'Matt Schmidt <[email protected]>'25],26'References' =>27[28[ 'URL', 'https://wiki.jenkins-ci.org/display/JENKINS/Auto-discovering+Jenkins+on+the+network' ]29],30'License' => MSF_LICENSE31)32)33deregister_udp_options34end3536def parse_reply(pkt)37# if empty packet, exit38return unless pkt[1]3940# strip to just the IPv4 address41if pkt[1] =~ /^::ffff:/42pkt[1] = pkt[1].sub(/^::ffff:/, '')43end4445# check for and extract the version string46ver = pkt[0].scan(/version>(.*)<\/version/i).flatten.first4748# if a version was identified, then out and store to DB49if ver50print_good("#{pkt[1]} - Found Jenkins Server #{ver} Version")51report_host(52host: pkt[1],53info: "Jenkins v.#{ver} (port typically 8080)"54)55end56end5758def run59print_status('Sending Jenkins UDP Broadcast Probe ...')6061udp_sock = connect_udp6263udp_sock.sendto('\n', '255.255.255.255', 33848, 0)6465# loop a few times to account for multiple or slow responders66iter = 067while (r = udp_sock.recvfrom(65535, 0.1)) && (iter < 20)68parse_reply(r)69iter += 170end71end72end737475