1. Intro
2. CI/CD PIPELINE
3. Jenkins in Numbers
4. Jenkins is useful!
5. Jenkins is Great!
6. Jenkins Integrations
7. Jenkins Needs Access to Secrets
8. Jenkins in the news: a complete takeover
9. Preliminary probing - JENKINS_HOME
10. Preliminary probing [2B]
11. Jenkins Script console
12. Shodan probing
13. probing summary
14. Jenkins access 2
15. Jenkins reverse engineering
16. Jenkins static code analysis
17. Code analysis summary
18. CVE 2018-1999043
19. Exploiting systematically
Description:
Explore the vulnerabilities in Jenkins, the popular open-source automation server, in this 53-minute conference talk from Hack In The Box Security Conference. Dive into the research process that uncovered six CVEs, focusing on two critical vulnerabilities that allow anonymous attackers to gain full admin privileges on Jenkins servers. Learn about the code reverse-engineering techniques used to discover these security flaws and the exploitation methods that can compromise entire Jenkins infrastructures. Gain insights into the importance of Jenkins in DevOps stacks of major organizations and understand the potential impact of these vulnerabilities on software delivery processes. Follow along as the speaker details the step-by-step approach to probing, analyzing, and exploiting Jenkins, providing valuable knowledge for cybersecurity professionals and DevOps engineers alike.

Hacking the DevOps Butler - From Nothing to Admin

Hack In The Box Security Conference