2025-06-25 14:22:37 -07:00
rules :
- name : Jenkins Token or Crumb
id : kingfisher.jenkins.1
pattern : '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b'
2025-11-04 13:55:31 -05:00
pattern_requirements :
min_digits : 2
2025-06-25 14:22:37 -07:00
min_entropy : 3.3
confidence : medium
examples :
- |
jenkins_user = 'root'
# jenkins_passwd = '116365fd86d63bf507aba962606a5c8956' Pre token
jenkins_passwd = '11811f784531053132519844d047186074' # Dev Token
jenkins_url = 'http://10.1.188.121'
- |
export JENKINS_USER=justin-admin-edit-view
export JENKINS_TOKEN=11f4274ec59be12eace9a08b08ee13d54b
export JENKINS=jenkins-cicd.apps.sno.openshiftlabs.net
- |
sh "curl -X POST 'http://jenkins.lsfusion.luxsoft.by/job/${Paths.updateParentVersionsJob}/build' --user ${USERPASS} -H 'Jenkins-Crumb:440561953171ba44ace9740562d172bb'"
references :
- https://www.jenkins.io/blog/2018/07/02/new-api-token-system/
- https://www.jenkins.io/doc/book/security/csrf-protection/
