{"uuid": "dddaf722-60f5-46a0-8ddc-22047d49ea8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23897", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/3725", "content": "Exploitation and scanning (https://www.kitploit.com/search/label/Scanning) tool specifically designed for Jenkins versions <= 2.441 & <= LTS 2.426.2. It leverages CVE-2024-23897 to assess and exploit vulnerabilities (https://www.kitploit.com/search/label/vulnerabilities) in Jenkins instances.  \nUsage\n Ensure you have the necessary permissions to scan (https://www.kitploit.com/search/label/Scan) and exploit the target systems. Use this tool responsibly and ethically. python CVE-2024-23897.py -t  -p  -f \n or python CVE-2024-23897.py -i  -f \n Parameters: - -t or --target: Specify the target IP(s). Supports single IP, IP range, comma-separated list, or CIDR (https://www.kitploit.com/search/label/CIDR) block. - -i or --input-file: Path to input file containing hosts in the format of http://1.2.3.4:8080/ (one per line). - -o or --output-file: Export results to file (optional). - -p or --port: Specify the port number. Default is 8080 (optional). - -f or --file: Specify the file to read on the target system. \nChangelog\n \n[27th January 2024] - Feature Request\n  Added scanning/exploiting via input file with hosts (-i INPUT_FILE).  Added export to file (-o OUTPUT_FILE).  \n[26th January 2024] - Initial Release\n  Initial release.  \nContributing\n Contributions are welcome. Please feel free to fork, modify, and make pull requests or report issues. \nAuthor\n Alexander Hagenah - URL (https://primepage.de/) - Twitter (https://twitter.com/xaitax) \nDisclaimer\n This tool is meant for educational and professional purposes only. Unauthorized scanning and exploiting (https://www.kitploit.com/search/label/Exploiting) of systems is illegal and unethical. Always ensure you have explicit permission to test and exploit any systems you target.\n\nDownload CVE-2024-23897 (https://github.com/xaitax/CVE-2024-23897)", "creation_timestamp": "2024-02-25T13:06:09.000000Z"}