
CVE-2021-26084 PoC — Atlassian Confluence Server Injection Vulnerability

Associated Vulnerability
Title: Atlassian Confluence Server Injection Vulnerability (CVE-2021-26084)
Description: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5.
Description
Confluence remote code execution (RCE) / Code by: Jun_sheng
Readme
# CVE-2021-26084
# Confluence remote code execution (RCE)

## Code by: Jun_sheng @ Orange Cyber Security Lab (橘子网络安全实验室)

Orange Cyber Security Lab (橘子网络安全实验室): https://0range.team/

#### 0x00 Risk notice

This tool is for authorized security testing only. Unauthorized attacks against sites are prohibited.

Read online: [Cybersecurity Law of the People's Republic of China](http://wglj.pds.gov.cn//upload/files/2020/4/1415254915.docx)

#### 0x01 Usage

For the batch RCE script, put the target URLs in url.txt.

For a single site, use one of the following commands:

    python confluence_rce.py -u url -c cmd
    python confluence_rce.py --url url --command cmd

To use the shell feature, add the "--shell" argument.

#### 0x02 Bugs

Please report bugs as Issues; I will look at them when I have time.

#### 0x03 Known bugs

1. Command output is not echoed correctly when the batch script runs; no fix has been found yet.
2. Fixed an occasional list index out-of-range error when searching for command output.

#### 0x04 Changelog

1. Added a simulated shell feature: once a site is found to be vulnerable, commands other than the preset probe commands can be executed.
File Snapshot

    [4.0K] /data/pocs/1c52fccb82e7281a3de96edfebe316403267e18f
    ├── [4.9K] confluence_batch_rce.py
    ├── [6.2K] confluence_rce.py
    ├── [ 994] README.md
    └── [134K] url.txt

    0 directories, 4 files