1.5 KiB
1.5 KiB
Reveal passwords
Execute in https://INSTANCE/script to reveal passwords from a password hash (obtained via Inspect Element on a Credential)
hudson.util.Secret.decrypt('secret_hash')
Jenkins current jobs
https://INSTANCE/computer/api/json?tree=computer[executors[currentExecutable[*]]]
Reveal all secrets
Execute in https://INSTANCE/script to reveal all secrets
import com.cloudbees.plugins.credentials.CredentialsProvider
import com.cloudbees.plugins.credentials.Credentials
import com.cloudbees.plugins.credentials.domains.Domain
import jenkins.model.Jenkins
def indent = { String text, int indentationCount ->
def replacement = "\t" * indentationCount
text.replaceAll("(?m)^", replacement)
}
Jenkins.get().allItems().collectMany{ CredentialsProvider.lookupStores(it).toList()}.unique().forEach { store ->
Map<Domain, List<Credentials>> domainCreds = [:]
store.domains.each { domainCreds.put(it, store.getCredentials(it))}
if (domainCreds.collectMany{ it.value}.empty) {
return
}
def shortenedClassName = store.getClass().name.substring(store.getClass().name.lastIndexOf(".") + 1)
println "Credentials for store context: ${store.contextDisplayName}, of type $shortenedClassName"
domainCreds.forEach { domain , creds ->
println indent("Domain: ${domain.name}", 1)
creds.each { cred ->
cred.properties.each { prop, val ->
println indent("$prop = \"$val\"", 2)
}
println indent("-----------------------", 2)
}
}
}