From 81c1a0dd2e9426d729d08e2540c3326ce13745f2 Mon Sep 17 00:00:00 2001
From: veo <38176360+veo@users.noreply.github.com>
Date: Sun, 8 Aug 2021 19:51:23 +0800
Subject: [PATCH] =?UTF-8?q?=E5=8A=A0=E5=85=A5jenkins=E6=9C=AA=E6=8E=88?= =?UTF-8?q?=E6=9D=83=E8=AE=BF=E9=97=AE=E6=A3=80=E6=B5=8B?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 pkg/httpx/runner/runner.go | 3 +++
 poc/jenkins/Unauthorized.go | 27 +++++++++++++++++++++++++++
 2 files changed, 30 insertions(+)
 create mode 100644 poc/jenkins/Unauthorized.go
diff --git a/pkg/httpx/runner/runner.go b/pkg/httpx/runner/runner.go
index 4b504524..0f81633b 100755
--- a/pkg/httpx/runner/runner.go
+++ b/pkg/httpx/runner/runner.go
@@ -898,6 +898,9 @@ retry:
 technologies = append(technologies, fmt.Sprintf("fastjson|%s", fastjsonversion))
 }
 case "Jenkins":
+ if jenkins.Unauthorized(URL.String()) {
+ technologies = append(technologies, "exp-jenkins|Unauthorized script")
+ }
 if jenkins.CVE_2018_1000110(URL.String()) {
 technologies = append(technologies, "exp-jenkins|CVE_2018_1000110")
 }
diff --git a/poc/jenkins/Unauthorized.go b/poc/jenkins/Unauthorized.go
new file mode 100644
index 00000000..7a1cc524
--- /dev/null
+++ b/poc/jenkins/Unauthorized.go
@@ -0,0 +1,27 @@
+package jenkins
+
+import (
+ "fmt"
+ "github.com/veo/vscan/pkg"
+ "strings"
+)
+
+func Unauthorized(u string) bool {
+ if req, err := pkg.HttpRequset(u, "GET", "", false, nil); err == nil {
+ if req.Header.Get("X-Jenkins-Session") != "" {
+ if req2, err := pkg.HttpRequset(u+"/script", "GET", "", false, nil); err == nil {
+ if req2.StatusCode == 200 && strings.Contains(req2.Body, "Groovy script") {
+ fmt.Printf("jenkins-exp-sucess|Unauthorized script|%s\n", u+"/script")
+ return true
+ }
+ }
+ if req2, err := pkg.HttpRequset(u+"/computer/(master)/scripts", "GET", "", false, nil); err == nil {
+ if req2.StatusCode == 200 && strings.Contains(req2.Body, "Groovy script") {
+ fmt.Printf("jenkins-exp-sucess|Unauthorized script|%s\n", u+"/computer/(master)/scripts")
+ return true
+ }
+ }
+ }
+ }
+ return false
+}
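Review bot: The two probes in `Unauthorized` are the same block pasted twice, and both build the target by plain concatenation (`u+"/script"`), so a base URL that ends in `/` produces `//script` and an exposed console can be missed; whether `URL.String()` in the runner can carry a trailing slash is not visible here. A loop over the two paths on a trimmed base removes both the duplication and the double slash, and guard clauses flatten the four levels of nesting. The exported function also has no doc comment: it should state that a true result means the Groovy script console answered an unauthenticated GET, which operators should treat as code execution on the controller, and that the check only reads the page. The result line is printed from library code with `sucess` misspelled; the fence keeps the string byte-for-byte in case downstream parsers match on it.

```go
// Unauthorized reports whether the Jenkins script console at u answers an
// unauthenticated GET. It only reads the page and never submits a script.
func Unauthorized(u string) bool {
	req, err := pkg.HttpRequset(u, "GET", "", false, nil)
	if err != nil || req.Header.Get("X-Jenkins-Session") == "" {
		return false
	}
	base := strings.TrimRight(u, "/")
	for _, p := range []string{"/script", "/computer/(master)/scripts"} {
		resp, err := pkg.HttpRequset(base+p, "GET", "", false, nil)
		if err != nil || resp.StatusCode != 200 || !strings.Contains(resp.Body, "Groovy script") {
			continue
		}
		fmt.Printf("jenkins-exp-sucess|Unauthorized script|%s\n", base+p)
		return true
	}
	return false
}
```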