You all know that we have performed so many ctf
challenges and we got to know about jenkins there.so lets know about jenkins better.
For this we are here with the new challenges which you will face peforming ctf
challenges.to do it in a easier way we are here with a new article.so let’s do
it.
Table of Content
·
Install java
·
Import the GPG keys
·
Setup Jenkins
Jenkins penetration testing
Exploiting Groovy Script
Introduction of Jenkins
Jenkins is an open source automation server written in
Java that offers a simple way to set up a continuous CI / CD pipeline. It
supports version
control tools,including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, TD/OMS, ClearCase and RTC, and can execute Apache Ant, Apache
Maven and sbt based
projects as well as arbitrary shell scripts and Windows batch
commands. The creator of Jenkins is Kohsuke Kawaguch. Jenkins achieves Continuous Integration with the help
of plugins. Plugins allows the integration of Various DevOps stages. If
you want to integrate a particular tool, you need to install the plugins for
that tool. For example: Git, Maven 2 project, Amazon EC2, HTML publisher etc.
Lab setup
Install Java
Now we need to install Jenkins and for this it is
mandatory that you are logged in from sudo user or root. Because Jenkins is a
Java application, installing Java is the first step. Update the package index
and install the OpenJDK Java 8 package using the following commands:
sudo apt update
sudo apt install openjdk-8-jdk
wget -q -O -
https://pkg.jenkins.io/debian/jenkins.io.key | sudo apt-key add -
Install Jenkins
When the key is added, the system returns all right. Next,
add the Debian package repository to the source list of the server:
sudo sh -c 'echo
deb http://pkg.jenkins.io/debian-stable binary/ >
/etc/apt/sources.list.d/jenkins.list'
sudo apt update
The Jenkins version with the default Ubuntu packages is
often behind the project's latest version. You can use project-maintained
packages to install Jenkins to take advantage of the latest fixes and features.
Now open the kali terminal and install Jenkins from the given link below-
sudo apt install
Jenkins
sudo ufw allow
8080
You can use its status command to check that Jenkins has
successfully started.
systemctl status
jenkins
Visit Jenkins on its default port 8080 to set up your
installation using your server domain name or IP address: http:/your server ip or domain:8080
You should see the Unlock Jenkins screen displaying the
location of the initial password:
In the terminal window, you need to use the
cat command to display the password:
sudo cat
/var/lib/jenkins/secrets/initialAdminPassword
Copy the password from your terminal and paste it into
the Administrator password field and click Continue.
On the next page, you will be asked if you want to install
suggested plugins or if you want to select specific plugins. Click the Install suggested plugins box and start
the process of installation plugin instantly.
In my case it took so much time to get all plugin installed
successfully.
Once the installation is completed, you will get another
page to create First Admin user account, fill the all essential details and
click on “Save and Continue”.
You will see a confirmation page that "Jenkins is
ready”. To visit Jenkins main dashboard, click Start using Jenkins Click Save
and Finish after confirming the corresponding information.
That’s wonderful! You have successfully installed Jenkins on
your system.
0 comments:
Post a Comment