关联漏洞
标题:Atlassian Confluence Server 安全漏洞 (CVE-2023-22515)Description:Atlassian Confluence Server是澳大利亚Atlassian公司的一套具有企业知识管理功能,并支持用于构建企业WiKi的协同软件的服务器版本。 Atlassian Confluence Server存在安全漏洞,该漏洞源于外部攻击者可能利用可公开访问的Confluence Data Center和Confluence Serve,用未知的漏洞来创建Confluence 管理员帐户并访问 Confluence 实例。
Description
CVE-2023-22515
介绍
# Confluence Hack
CVE-2023-22515
## exploit.py
Exploit to create a new admin user \
Compromised audit log: \
 \
As a reverence served: https://packetstormsecurity.com/files/175225/Atlassian-Confluence-Unauthenticated-Remote-Code-Execution.html and https://github.com/Chocapikk/CVE-2023-22515
## plugin_shellplug.jar
This plugin provides a web-based shell interface for executing command-line commands on a server \
You can install it from the Confluence web admin GUI \
Was found on a server that was live in production \
## ShellServlet.java
Is the decompiled file of plugin_shellplug.jar
## Tested on
- Confluence Server 8.5.1
## Disclaimer
This repository is provided for educational and informational purposes only. Use it responsibly and only on systems that you have permission to test. Unauthorized access to computer systems is illegal and unethical.
文件快照
[4.0K] /data/pocs/a886ffa5274b8664b376c3d0b2b1e9910254010e
├── [134K] audit_log.png
├── [1.8K] exploit.py
├── [ 23K] plugin.png
├── [4.0K] plugin_shellplug
│ └── [4.0K] com
│ └── [4.0K] jsos
│ └── [4.0K] shell
│ └── [ 21K] ShellServlet.java
├── [9.3K] plugin_shellplug.jar
└── [ 902] README.md
4 directories, 6 files
备注
1. 建议优先通过来源进行访问。
2. 本地 POC 快照面向订阅用户开放;当原始来源失效或无法访问时,本地镜像作为订阅权益的一部分提供。
3. 持续抓取、验证、维护这份 POC 档案需要不少投入,因此本地快照已纳入付费订阅。您的订阅是让这份资料能继续走下去的关键,由衷感谢。 查看订阅方案 →