Update jenkins_script_console.rb to remove deprecated sun.misc.BASE64Decoder class #16750
Commits on Jul 6, 2022
-
Update jenkins_script_console.rb
Modern Java disabled the sun.misc.BASE64Decoder class so exploit will fail on any newer version of Jenkins. The java.util.Base64 class should be used now; the change has been confirmed to work with the latest version of Jenkins (the current exploit silently fails).
-
Commits on Aug 25, 2022
-
Fail back to the old method using error handling
Tested successfully on docker image tags: * Jenkins 1.565 (pushed 2015-11-14) * Jenkins 2.60.3 (pushed 2018-07-17) Tested unsuccessfully on docker image tags: * Jenkins 2.346.3 (pushed 2022-08-10) Issue is that login is broken because the URI changed from j_acegi_security_check to j_spring_security_check. -
-
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.