CVE-2023-22515 PoC — Atlassian Confluence Server 安全漏洞

Source

Associated Vulnerability

Description

CVE-2023-22515

Readme

# Confluence Hack
CVE-2023-22515

## exploit.py
Exploit to create a new admin user \
Compromised audit log: \
![](./audit_log.png) \
As a reverence served: https://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html and https://github.com/Chocapikk/CVE-2023-22515

## plugin_shellplug.jar
This plugin provides a web-based shell interface for executing command-line commands on a server \
You can install it from the Confluence web admin GUI \
Was found on a server that was live in production \
![](./plugin.png)

## ShellServlet.java
Is the decompiled file of plugin_shellplug.jar

## Tested on
- Confluence Server 8.5.1

## Disclaimer
This repository is provided for educational and informational purposes only. Use it responsibly and only on systems that you have permission to test. Unauthorized access to computer systems is illegal and unethical.

File Snapshot

 [4.0K]  /data/pocs/a886ffa5274b8664b376c3d0b2b1e9910254010e
├── [134K]  audit_log.png
├── [1.8K]  exploit.py
├── [ 23K]  plugin.png
├── [4.0K]  plugin_shellplug
│   └── [4.0K]  com
│       └── [4.0K]  jsos
│           └── [4.0K]  shell
│               └── [ 21K]  ShellServlet.java
├── [9.3K]  plugin_shellplug.jar
└── [ 902]  README.md

4 directories, 6 files

Remarks