
CVE-2019-10392 PoC — CloudBees Jenkins Git Client Plugin OS Command Injection Vulnerability

Associated Vulnerability
Title: CloudBees Jenkins Git Client Plugin OS Command Injection Vulnerability (CVE-2019-10392)
Description: Jenkins Git Client Plugin 2.8.4 and earlier and 3.0.0-rc did not properly restrict values passed as the URL argument to an invocation of 'git ls-remote', resulting in OS command injection.
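The description above names the root cause: a caller-supplied URL reaches `git ls-remote` unchanged, and git's option parser treats any argument beginning with `-` as an option rather than as a repository. The Java snippet below is an added example of the defensive check a plugin author would put in front of such a call; it is not the plugin's own code or its fix, and the class and method names (`SafeLsRemote`, `validateRemoteUrl`, `lsRemoteArgv`) are hypothetical. It rejects option-shaped values before they are placed on the command line and inserts `--` ahead of the URL so git stops option parsing there.

```java
import java.util.Arrays;
import java.util.List;

/**
 * Added example (not the git client plugin's code): keep option-shaped values
 * from reaching "git ls-remote" as its repository argument.
 */
public final class SafeLsRemote {

    /**
     * Returns the trimmed URL, or throws if git would read the value as an
     * option instead of a repository location.
     */
    static String validateRemoteUrl(String url) {
        if (url == null || url.trim().isEmpty()) {
            throw new IllegalArgumentException("empty repository URL");
        }
        String trimmed = url.trim();
        // A leading '-' makes git parse the value as an option, so it can
        // never be a legitimate repository URL and must be refused outright.
        if (trimmed.startsWith("-")) {
            throw new IllegalArgumentException(
                "repository URL must not start with '-': " + trimmed);
        }
        return trimmed;
    }

    /**
     * Builds the argv for ls-remote. Arguments are passed as a list (never
     * joined into a shell string), and "--" ends option parsing so that the
     * URL is only ever a positional argument.
     */
    static List<String> lsRemoteArgv(String url) {
        return Arrays.asList("git", "ls-remote", "--", validateRemoteUrl(url));
    }

    public static void main(String[] args) {
        // Constructed sample inputs: two valid URLs and two option-shaped values.
        String[] samples = {
            "https://github.com/jenkinsci/git-client-plugin.git",
            "git@github.com:jenkinsci/git-client-plugin.git",
            "--bogus-option=value",
            " -q",
        };
        for (String s : samples) {
            try {
                System.out.println("OK   " + String.join(" ", lsRemoteArgv(s)));
            } catch (IllegalArgumentException e) {
                System.out.println("DENY " + e.getMessage());
            }
        }
    }
}
```

The check is deliberately conservative: any value that begins with a dash is refused, whether or not git would currently recognise it as an option, because the set of options git accepts changes between versions while no real repository URL starts with `-`.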
Readme
# Git Client Plugin

[![Build Status](https://ci.jenkins.io/job/Plugins/job/git-client-plugin/job/master/badge/icon)](https://ci.jenkins.io/job/Plugins/job/git-client-plugin/job/master/)
[![Contributors](https://img.shields.io/github/contributors/jenkinsci/git-client-plugin.svg)](https://github.com/jenkinsci/git-client-plugin/graphs/contributors)
[![GitHub release](https://img.shields.io/github/release/jenkinsci/git-client-plugin.svg?label=release)](https://github.com/jenkinsci/git-client-plugin/releases/latest)

<img src="https://git-scm.com/images/logos/downloads/Git-Logo-2Color.png" width="303">

## Introduction

The git client plugin provides git application programming interfaces (APIs) for Jenkins plugins.
It can fetch, checkout, branch, list, merge, and tag repositories.
Refer to the [API documentation](https://javadoc.jenkins-ci.org/plugin/git-client/) for specific API details.

The [GitClient interface](https://javadoc.jenkins-ci.org/plugin/git-client/org/jenkinsci/plugins/gitclient/GitClient.html) provides the primary entry points for git access.
It supports username/password credentials and private key credentials provided by the [Jenkins credentials plugin](https://plugins.jenkins.io/credentials).

## Changelog

Release notes are recorded in [GitHub](https://github.com/jenkinsci/git-client-plugin/releases) beginning with git client plugin 2.8.1.
Prior release notes are recorded on the [Jenkins wiki](https://wiki.jenkins.io/display/JENKINS/Git+Client+Plugin#GitClientPlugin-ChangeLog-MovedtoGitHub).

## Implementations

The git client plugin default implementation requires that [command line git](https://git-scm.com/downloads) is installed on the master and on every agent that will use git.
Command line git implementations working with large files should also install [git LFS](https://git-lfs.github.com/).
The command line git implementation is the canonical implementation of the git interfaces provided by the git client plugin.

Command line git is **enabled by default** when the git client plugin is installed.

### JGit

The git client plugin also includes two optional implementations that use [Eclipse JGit](https://www.eclipse.org/jgit/).
Eclipse JGit is a pure Java implementation of git.
The JGit implementation in the git client plugin provides most of the functionality of the command line git implementation.
When the JGit implementation is incomplete, the gap is noted in console logs.

JGit is **disabled by default** when the git client plugin is installed.

### Enabling JGit

Click the "**Add Git**" button in the "**Global Tool Configuration**" section under "**Manage Jenkins**" to add JGit or JGit with Apache HTTP Client as a git implementation.

![Enable JGit or JGit with Apache HTTP Client](images/enable-jgit.png)

### JGit with Apache HTTP Client

The original JGit implementation inside the git client plugin had issues with Active Directory authentication.
A workaround was implemented to provide JGit but use Apache HTTP Client for authentication.
The issue in JGit has now been resolved and delivered in git client plugin releases.
JGit with Apache HTTP Client continues to be delivered to assure compatibility.

## Windows Credentials Manager

Git for Windows is able to integrate with the Windows Credentials Manager for secure storage of credentials.
Windows Credentials Manager works very well for interactive users on the Windows desktop.
Windows Credentials Manager does not work as well for batch processing in the git client plugin.
It is best to disable Windows Credentials Manager when installing Git on Jenkins agents running Windows.

## Bug Reports

Report issues and enhancements with the [Jenkins issue tracker](https://issues.jenkins-ci.org).

## Contributing to the Plugin

Refer to [contributing to the plugin](CONTRIBUTING.md) for contribution guidelines.
File Snapshot

```text
[4.0K] /data/pocs/4342ae676ab6a2143b0839d5cb29b560b1677f7d
├── [2.0K] CONTRIBUTING.md
├── [4.0K] images
│   └── [ 36K] enable-jgit.png
├── [ 691] Jenkinsfile
├── [1.1K] LICENSE
├── [8.5K] pom.xml
├── [3.8K] README.md
└── [4.0K] src
    ├── [4.0K] main
    │   ├── [4.0K] java
    │   │   ├── [4.0K] hudson
    │   │   │   └── [4.0K] plugins
    │   │   │       └── [4.0K] git
    │   │   │           ├── [2.1K] Branch.java
    │   │   │           ├── [ 12K] GitAPI.java
    │   │   │           ├── [1.2K] GitException.java
    │   │   │           ├── [1.2K] GitLockFailedException.java
    │   │   │           ├── [2.8K] GitObject.java
    │   │   │           ├── [7.2K] GitTool.java
    │   │   │           ├── [ 12K] IGitAPI.java
    │   │   │           ├── [4.0K] IndexEntry.java
    │   │   │           ├── [ 117] package-info.java
    │   │   │           ├── [4.2K] Revision.java
    │   │   │           └── [2.6K] Tag.java
    │   │   └── [4.0K] org
    │   │       ├── [4.0K] apache
    │   │       │   └── [4.0K] commons
    │   │       │       └── [4.0K] httpclient
    │   │       │           └── [4.0K] contrib
    │   │       │               └── [4.0K] ssl
    │   │       │                   ├── [7.5K] EasySSLProtocolSocketFactory.java
    │   │       │                   └── [4.5K] EasyX509TrustManager.java
    │   │       └── [4.0K] jenkinsci
    │   │           └── [4.0K] plugins
    │   │               └── [4.0K] gitclient
    │   │                   ├── [5.0K] AbstractGitAPIImpl.java
    │   │                   ├── [5.4K] ChangelogCommand.java
    │   │                   ├── [2.1K] CheckoutCommand.java
    │   │                   ├── [124K] CliGitAPIImpl.java
    │   │                   ├── [4.1K] CloneCommand.java
    │   │                   ├── [1.9K] FetchCommand.java
    │   │                   ├── [ 39K] GitClient.java
    │   │                   ├── [ 489] GitCommand.java
    │   │                   ├── [7.3K] Git.java
    │   │                   ├── [ 12K] GitURIRequirementsBuilder.java
    │   │                   ├── [ 531] InitCommand.java
    │   │                   ├── [4.0K] jgit
    │   │                   │   ├── [ 138] package-info.java
    │   │                   │   ├── [1.4K] PreemptiveAuthHttpClientConnectionFactory.java
    │   │                   │   └── [ 17K] PreemptiveAuthHttpClientConnection.java
    │   │                   ├── [1.2K] JGitApacheTool.java
    │   │                   ├── [105K] JGitAPIImpl.java
    │   │                   ├── [1.1K] JGitProgressMonitor.java
    │   │                   ├── [1.3K] JGitTool.java
    │   │                   ├── [ 11K] LegacyCompatibleGitAPIImpl.java
    │   │                   ├── [2.4K] MergeCommand.java
    │   │                   ├── [5.8K] Netrc.java
    │   │                   ├── [ 114] package-info.java
    │   │                   ├── [1.5K] PushCommand.java
    │   │                   ├── [ 361] RebaseCommand.java
    │   │                   ├── [ 29K] RemoteGitImpl.java
    │   │                   ├── [1.3K] RepositoryCallback.java
    │   │                   ├── [1.8K] RevListCommand.java
    │   │                   ├── [2.3K] SubmoduleUpdateCommand.java
    │   │                   └── [4.0K] trilead
    │   │                       ├── [3.5K] CredentialsProviderImpl.java
    │   │                       ├── [ 117] package-info.java
    │   │                       ├── [5.0K] SmartCredentialsProvider.java
    │   │                       ├── [1.5K] StandardUsernameCredentialsCredentialItem.java
    │   │                       ├── [2.6K] TrileadSessionFactory.java
    │   │                       └── [2.0K] TrileadSession.java
    │   ├── [4.0K] javadoc
    │   │   └── [1.4K] overview.html
    │   └── [4.0K] resources
    │       ├── [4.0K] hudson
    │       │   └── [4.0K] plugins
    │       │       └── [4.0K] git
    │       │           └── [4.0K] GitTool
    │       │               ├── [ 69] config_it.properties
    │       │               ├── [1.2K] config_ja.properties
    │       │               ├── [ 575] config.jelly
    │       │               ├── [ 86] global_it.properties
    │       │               ├── [1.2K] global_ja.properties
    │       │               ├── [1.7K] global.jelly
    │       │               ├── [ 85] help-home.html
    │       │               └── [ 121] help-home_ja.html
    │       ├── [4.0K] META-INF
    │       │   └── [ 337] hudson.remoting.ClassFilter
    │       └── [4.0K] org
    │           └── [4.0K] jenkinsci
    │               └── [4.0K] plugins
    │                   └── [4.0K] gitclient
    │                       ├── [4.0K] JGitApacheTool
    │                       │   ├── [ 434] config.jelly
    │                       │   ├── [ 147] global.jelly
    │                       │   └── [ 733] help.html
    │                       ├── [4.0K] JGitTool
    │                       │   ├── [ 434] config.jelly
    │                       │   ├── [ 135] global.jelly
    │                       │   └── [ 332] help.html
    │                       └── [ 0] Messages.properties
    └── [4.0K] test
        ├── [4.0K] java
        │   ├── [4.0K] hudson
        │   │   └── [4.0K] plugins
        │   │       └── [4.0K] git
        │   │           ├── [1.9K] BranchTest.java
        │   │           ├── [1.7K] GitAPIBadInitTest.java
        │   │           ├── [4.8K] GitExceptionTest.java
        │   │           ├── [1.5K] GitLockFailedExceptionTest.java
        │   │           ├── [1.9K] GitObjectTest.java
        │   │           ├── [1.9K] GitToolResolverTest.java
        │   │           ├── [2.8K] GitToolTest.java
        │   │           ├── [5.3K] IndexEntryTest.java
        │   │           ├── [6.3K] RevisionTest.java
        │   │           └── [1.4K] TagTest.java
        │   └── [4.0K] org
        │       └── [4.0K] jenkinsci
        │           └── [4.0K] plugins
        │               └── [4.0K] gitclient
        │                   ├── [7.2K] CliGitAPIImplAuthTest.java
        │                   ├── [ 11K] CliGitAPIImplTest.java
        │                   ├── [4.9K] CliGitAPITempFileTest.java
        │                   ├── [2.5K] CliGitAPIWindowsFilePermissionsTest.java
        │                   ├── [4.8K] CliGitCommand.java
        │                   ├── [ 19K] CredentialsTest.java
        │                   ├── [7.4K] FilePermissionsTest.java
        │                   ├── [210K] GitAPITestCase.java
        │                   ├── [ 86K] GitClientTest.java
        │                   ├── [1.4K] GitJenkinsRuleTest.java
        │                   ├── [3.7K] GitTest.java
        │                   ├── [ 26K] GitURIRequirementsBuilderTest.java
        │                   ├── [4.0K] jgit
        │                   │   └── [4.4K] PreemptiveAuthHttpClientConnectionTest.java
        │                   ├── [1.8K] JGitApacheAPIImplTest.java
        │                   ├── [1.7K] JGitAPIImplTest.java
        │                   ├── [ 217] LegacyCompatibleGitAPIImplJGitTest.java
        │                   ├── [ 10K] LegacyCompatibleGitAPIImplTest.java
        │                   ├── [1.5K] LogHandler.java
        │                   ├── [3.0K] LogHandlerTest.java
        │                   ├── [ 16K] MergeCommandTest.java
        │                   ├── [ 13K] NetrcTest.java
        │                   ├── [ 415] NotImplementedInCliGit.java
        │                   ├── [ 411] NotImplementedInJGit.java
        │                   ├── [1.6K] PushSimpleTest.java
        │                   ├── [ 12K] PushTest.java
        │                   ├── [2.8K] RemotingTest.java
        │                   ├── [1.0K] StringSharesPrefix.java
        │                   ├── [2.7K] SubmodulePatternStringTest.java
        │                   ├── [4.0K] trilead
        │                   │   ├── [5.1K] CredentialsProviderImplTest.java
        │                   │   ├── [ 10K] SmartCredentialsProviderTest.java
        │                   │   └── [1.2K] StandardUsernamePasswordCredentialsImpl.java
        │                   └── [3.6K] WarnTempDirValueTest.java
        └── [4.0K] resources
            ├── [1.2K] namespaceBranchRepoCreate.sh
            ├── [ 417] namespaceBranchRepo.ls-remote
            ├── [ 23K] namespaceBranchRepo.zip
            ├── [ 568] netrc_1a.in
            ├── [ 951] netrc_1.in
            ├── [ 335] netrc_2.in
            ├── [3.1K] specialBranchRepoCreate.sh
            ├── [2.0K] specialBranchRepo.ls-remote
            ├── [ 43K] specialBranchRepo.zip
            ├── [ 713] unicodeCharsInChangelogRepoCreate.sh
            └── [ 24K] unicodeCharsInChangelogRepo.zip

43 directories, 123 files
```