CVE-2017-1000353

This exploit leverages a Java deserialization vulnerability in Jenkins (CVE-2017-1000353) by sending two HTTP requests to establish a bidirectional channel. The first request initiates the session, while the second delivers a serialized payload to achieve remote code execution (RCE).

This repository provides references to external PoCs and advisories for CVE-2017-1000353, a Jenkins Java deserialization vulnerability leading to remote code execution. It includes links to functional exploits and technical details but does not contain direct exploit code.

This repository contains a functional exploit for CVE-2017-1000353, a deserialization vulnerability in Jenkins. The exploit leverages a crafted serialized payload to achieve remote code execution (RCE) by exploiting insecure deserialization in the Jenkins CLI interface.

This repository provides references to external PoCs and advisories for CVE-2017-1000353, a Jenkins Java deserialization vulnerability leading to remote code execution. It lacks direct exploit code but includes links to functional PoCs and detailed advisory information.

The repository contains no actual exploit code or technical details about CVE-2017-1000353. It only includes JavaScript bundle files and a minimal README with no meaningful content, suggesting it may be a placeholder or lure.

The repository lacks functional exploit code for CVE-2017-1000353, instead containing placeholder files, generic documentation, and unrelated Docker configurations. No technical details or PoC code are present.

This Metasploit module exploits an unauthenticated Java deserialization vulnerability in Jenkins CLI (CVE-2017-1000353) to achieve remote code execution. It crafts a malicious serialized object and sends it to the target Jenkins instance via the CLI endpoint.