CVE-2023-42793 PoC — JetBrains TeamCity 安全漏洞

Source

https://github.com/Zenmovie/CVE-2023-42793

Associated Vulnerability

Title:JetBrains TeamCity 安全漏洞 (CVE-2023-42793)
Description:JetBrains TeamCity是捷克JetBrains公司的一套分布式构建管理和持续集成工具。该工具提供持续单元测试、代码质量分析和构建问题分析报告等功能。 JetBrains TeamCity 2023.05.4之前版本存在安全漏洞，该漏洞源于攻击者可以绕过身份验证，导致在 TeamCity 服务器上执行RCE 。

Description

PoC of CVE-2023-42793

Readme

# CVE-2023-42793
## For educational purposes only

PoC for CVE-2023-42793

Usage CVE-2023-42793_admin.sh:
```
chmod +x CVE-2023-42793_admin.sh
./CVE-2023-42793_admin.sh {ip/domain_name} {port}
```
![image](https://github.com/Zenmovie/CVE-2023-42793/assets/98185655/44b3bddb-00d9-488b-b6c0-42282daf4570)

Proof of working:

![image](https://github.com/Zenmovie/CVE-2023-42793/assets/98185655/be6d7dd6-274a-409c-9a69-462be383518d)

----

Usage CVE-2023-42793_rce.sh:
```
chmod +x CVE-2023-42793_rce.sh
./CVE-2023-42793_rce.sh {ip/domain_name} {port} {command}
```

Proof of working:

![image](https://github.com/Zenmovie/CVE-2023-42793/assets/98185655/7eb723a8-2484-428b-9014-62f30e029a2d)

![image](https://github.com/Zenmovie/CVE-2023-42793/assets/98185655/82664467-5b3f-403a-8598-7676a64b3ee2)

File Snapshot


 [4.0K]  /data/pocs/e2fd1bd0fbcd534c5c9f870a943ea19bb2249f79
├── [ 773]  CVE-2023-42793_admin.sh
├── [ 860]  CVE-2023-42793_rce.sh
└── [ 795]  README.md

0 directories, 3 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!