CVE-2022-36804 PoC — Atlassian Bitbucket Server 安全漏洞

Source

Associated Vulnerability

Description

A loader for bitbucket 2022 rce (cve-2022-36804)

Readme

# CVE-2022-36804 (Bitbucket RCE 2022)

This repo is part of the ***hgrab-framework***

### dork
`title: "<title>Public Repositories - Bitbucket</title>"`

### Affected product
    - Bitbucket Server and Data Center 7.6 prior to 7.6.17
    - Bitbucket Server and Data Center 7.17 prior to 7.17.10
    - Bitbucket Server and Data Center 7.21 prior to 7.21.4
    - Bitbucket Server and Data Center 8.0 prior to 8.0.3
    - Bitbucket Server and Data Center 8.1 prior to 8.1.3
    - Bitbucket Server and Data Center 8.2 prior to 8.2.2
    - Bitbucket Server and Data Center 8.3 prior to 8.3.1

### Installation
Install the app on the server
```sh
user@domain:~# git clone https://github.com/Inplex-sys/CVE-2022-36804.git
user@domain:~# cd ./CVE-2022-36804/
user@domain:~# python3 main.py <list.txt> <command>
```

The list file must contain the targets servers with this format `<http-https>://<target>:<port>`

![image](https://user-images.githubusercontent.com/69421356/192326094-8005846a-f67d-4206-a436-551ee092e920.png)

File Snapshot

 [4.0K]  /data/pocs/49389be3dff7eccf3c16b543e031695d9026f635
├── [ 11K]  LICENSE
├── [3.8K]  main.py
└── [1019]  README.md

0 directories, 3 files

Remarks