> As I was reading the article, I found the author mentioned some of the dorks for Jenkins and Sonarqube.
I wonder if anyone could explain what "dork" means in this context? My searches are only finding the common derogatory meaning, e.g. "a socially inept person."
> Google “Dorking” is the practice of using Google to find vulnerable web applications and servers by using native Google search engine capabilities. [0]
I've contributed a few small patches to some well-known open-source projects. In the months after that I received a few automated mails from some CI systems informing me about some (un)successful build. Probably because somewhere somebody integrated a new version of said open-source projects in their product and the system is configured to mail every committer the outcome of the CI pipeline, regardless of whether that committer is actually an employee...
Still sloppy ops though.
Also, there's a Jenkins Mask Passwords plugin which we use in conjunction with not exposing our Jenkins server to the Internet. Plus it's worthwhile wrapping Jenkins with TLS.
+1. Jenkins even has an authenticated mode, but their code quality is so inconsistent that even that's not enough.
When we investigated in 2015, we found an average of 3 remote code execution / escalation of privilege CVEs per year in the previous 4 years. Looking at [1], I see the trend is still not great - 30 CVEs in 2018.
Fundamentally, it seems to me that Jenkins does not have the mindset to do security well. This isn't surprising given its plugin architecture permits random code to run. Isolate it behind a proxy server like https://github.com/pusher/oauth2_proxy and sleep better at night.
Set up a network, don't make it public. Block everything incoming except your VPN tunnel should you need remote access. That's how a private network works.
The easy way is to set up some sort of router, most of them NAT and block port forwarding. That way you can only access your Jenkins from the local network.
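A concrete way to check the advice in the comments above (put Jenkins behind an authenticating proxy or off the Internet entirely) is to probe it the way a dork-driven scanner would: from outside, with no credentials. The script below is an added example, not code from the original thread or from the Jenkins project. It relies on two real Jenkins behaviours: most responses carry an `X-Jenkins` header with the version, and `GET /api/json` returns a JSON document listing jobs when anonymous read is enabled, or a 403 when "Authentication required" is on. The label names, the `classify` and `probe` functions, and the sample responses are all constructed for this example.

```python
"""Check whether a Jenkins instance answers anonymous API requests.

Added example for this thread; the sample responses below are constructed,
not captured from any real server.
"""
import json
import sys
import urllib.error
import urllib.request

# Classification labels (names chosen for this example).
ANONYMOUS_READ = "jenkins_anonymous_read"   # worst case: jobs visible without login
AUTH_REQUIRED = "jenkins_auth_required"     # Jenkins is reachable but requires login
NOT_JENKINS = "not_jenkins"                 # no Jenkins fingerprint at all
JENKINS_OTHER = "jenkins_other"             # fingerprint present, unexpected status


def classify(status, headers, body):
    """Label one HTTP response to GET <base>/api/json."""
    # HTTP header names are case-insensitive; normalise once.
    h = {k.lower(): v for k, v in headers.items()}
    if "x-jenkins" not in h:
        # A proxy such as oauth2_proxy answers before Jenkins does, so an
        # unauthenticated probe never sees the X-Jenkins header at all.
        return NOT_JENKINS
    if status == 200:
        try:
            doc = json.loads(body)
        except ValueError:
            # A 200 with an HTML login page rather than the API document.
            return AUTH_REQUIRED
        # The API root of a readable instance lists its jobs.
        if isinstance(doc, dict) and "jobs" in doc:
            return ANONYMOUS_READ
        return AUTH_REQUIRED
    if status in (401, 403):
        return AUTH_REQUIRED
    return JENKINS_OTHER


def probe(base_url, timeout=5):
    """Fetch <base_url>/api/json without credentials and classify the reply."""
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/json",
        headers={"User-Agent": "jenkins-exposure-check"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace")
            return classify(resp.status, dict(resp.headers.items()), body)
    except urllib.error.HTTPError as err:
        body = err.read().decode("utf-8", "replace")
        return classify(err.code, dict(err.headers.items()), body)


# Constructed sample responses (status, headers, body) for offline use.
SAMPLE_OPEN = (
    200,
    {"X-Jenkins": "2.150.1", "Content-Type": "application/json"},
    '{"_class":"hudson.model.Hudson","jobs":[{"name":"deploy-prod"}],"mode":"NORMAL"}',
)
SAMPLE_LOCKED = (
    403,
    {"X-Jenkins": "2.150.1", "Content-Type": "text/html"},
    "<html><body>Authentication required</body></html>",
)
SAMPLE_BEHIND_PROXY = (
    302,
    {"Server": "nginx", "Location": "/oauth2/start"},
    "",
)


def demo():
    """Classify the constructed samples; returns the three labels in order."""
    return [classify(*s) for s in (SAMPLE_OPEN, SAMPLE_LOCKED, SAMPLE_BEHIND_PROXY)]


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Real probe against an instance you are authorised to test, e.g.
        #   python jenkins_check.py https://ci.example.invalid
        print(probe(sys.argv[1]))
    else:
        for label in demo():
            print(label)
```

Run it against your own instance from a network you do not trust; anything other than `not_jenkins` means the server itself is reachable from there, and `jenkins_anonymous_read` means job names (and whatever the console logs leak) are readable without a login. Only probe hosts you are authorised to test.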
The only thing that keeps popping into my mind as I read this: is it illegal to hack foreign computer systems?
What are the varying levels of legality? (e.g. hacking a French company would see you extradited, hacking Iran/North Korea could bring Federal charges, but Russia.. China..?)
There are enough laws in most places thoroughly covering these kinds of activities that you can safely assume it’s breaking at least some law in some jurisdiction.
And even if you wouldn’t be in the jurisdiction that prohibits it and/or wouldn’t be extradited for it, that doesn’t technically make it legal.
Most laws don't care about the nationality of the victim - i.e. in a legal sense yes it is illegal. Whether or not the governments would work together to extradite/charge you, on the other hand, is a different story.