Builder
Builder
Builder 591
Builder
RETIRED MACHINE

Builder

Builder - Linux Linux
Builder - Medium Medium

4.5

MACHINE RATING

2841

USER OWNS

2412

SYSTEM OWNS

12/02/2024

RELEASED
Created by polarbearer & amra13579

Machine Synopsis

Builder is a medium-difficulty Linux machine that features a Jenkins instance. The Jenkins instance is found to be vulnerable to the [CVE-2024-23897](https://www.cvedetails.com/cve/[CVE-2024-23897](https://nvd.nist.gov/vuln/detail/CVE-2024-23897)/) vulnerability that allows unauthenticated users to read arbitrary files on the Jenkins controller file system. An attacker is able to extract the username and password hash of the Jenkins user `jennifer`. Using the credentials to login into the remote Jenkins instance, an encrypted SSH key is exploited to obtain root access on the host machine.

Machine Matrix

Ready to start your
hacking journey?