Introduction While using Jenkins, I came across the following quirk when modifying a stored credential: It is rare to still find an application returning some information into the password field to the user. A quick Base-64 decoding did not return anything interesting. Time to dig deeper! Files First, let’s check the data directory on the Jenkins instance: ├── credentials.xml ├── secret.key ├── se