Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-26134 PoC — Atlassian Confluence Server 注入漏洞

Source
https://github.com/BBD-YZZ/Confluence-RCE
Associated Vulnerability
Title:Atlassian Confluence Server 注入漏洞 (CVE-2022-26134)
Description:Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能,并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server 和 Data Center 存在注入漏洞。攻击者利用该漏洞执行任意代码。以下产品及版本受到影响:1.3.0版本至7.4.17之前版本、7.13.0版本至7.13.7之前版本、7.14.0版本至7.14.3之前版本、7.15.0版本至 7.15.2之前版本、7.16.0版本至7.16.4之
Description
confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)
Readme
## confluence rce (CVE-2021-26084, CVE-2022-26134, CVE-2023-22527)

### Usage: python3 mian.py

#### 检测

![1](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/1.PNG)

![2](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/2022.PNG)

![3](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/2023.PNG)

#### 命令执行

![4](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/2022_command.PNG)

![5](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/2023_command.PNG)

#### 反弹shell
![6](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/2022_rev.PNG)

![7](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/rev.PNG)

#### 支持socks5和http代理

![8](https://github.com/BBD-YZZ/Confluence-RCE/blob/master/images/proxy.PNG)

*仅用于交流和学习~*
File Snapshot

 [4.0K]  /data/pocs/ba195b84368608e534d7def435ce3c21e0652d4c
├── [4.0K]  gui
│   ├── [ 35K]  gui.py
│   └── [4.0K]  __pycache__
│       └── [ 47K]  gui.cpython-312.pyc
├── [4.0K]  icon
│   └── [ 18K]  time.ico
├── [4.0K]  images
│   ├── [ 16K]  1.PNG
│   ├── [ 14K]  2022_command.PNG
│   ├── [ 12K]  2022.PNG
│   ├── [138K]  2022_rev.PNG
│   ├── [ 11K]  2023_command.PNG
│   ├── [ 11K]  2023.PNG
│   ├── [127K]  2023_rev.PNG
│   ├── [ 20K]  proxy.PNG
│   └── [130K]  rev.PNG
├── [ 173]  main.py
├── [4.0K]  pocs
│   ├── [5.7K]  CVE_2021_26084.py
│   ├── [3.4K]  CVE_2022_26134.py
│   ├── [ 11K]  CVE_2023_22527.py
│   └── [4.0K]  __pycache__
│       ├── [6.5K]  CVE_2021_26084.cpython-312.pyc
│       ├── [5.4K]  CVE_2022_26134.cpython-312.pyc
│       └── [ 12K]  CVE_2023_22527.cpython-312.pyc
├── [ 838]  README.md
└── [4.0K]  toolss
    ├── [ 536]  check_proxy.py
    ├── [ 868]  dnsLog.py
    ├── [4.0K]  __pycache__
    │   ├── [1.0K]  check_proxy.cpython-312.pyc
    │   ├── [1.6K]  dnsLog.cpython-312.pyc
    │   ├── [ 731]  uilts.cpython-312.pyc
    │   └── [4.0K]  utils.cpython-312.pyc
    └── [1.6K]  utils.py

8 directories, 27 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.