Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2023-22515 PoC — Atlassian Confluence Server 安全漏洞

Source
https://github.com/Chocapikk/CVE-2023-22515
Associated Vulnerability
Title:Atlassian Confluence Server 安全漏洞 (CVE-2023-22515)
Description:Atlassian has been made aware of an issue reported by a handful of customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence Data Center and Server instances to create unauthorized Confluence administrator accounts and access Confluence instances. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue.
Description
CVE-2023-22515: Confluence Broken Access Control Exploit
Readme
# CVE-2023-22515 Exploit Script 🔐

This script is designed to exploit the CVE-2023-22515 vulnerability in Confluence, which allows for unauthorized access to Confluence Server and Confluence Data Center instances. The vulnerability is categorized as a Broken Access Control issue and has a CVSS base score of 10.0. ⚠️

## Prerequisites 💻

Before using this script, make sure you have the following prerequisites in place:

- Python 3.x installed 🐍
- Required Python packages (`requests`, `fire`, `rich`, and `alive-progress`) installed. You can install them using `pip`:

```shell
pip install -r requirements.txt
```

## Usage 🚀

The script provides two main commands for exploiting the vulnerability:

### 1. Normal Mode 🔍

In normal mode, you can exploit the Confluence vulnerability using a single target URL. Run the following command:

```shell
python3 exploit.py normal [TARGET_URL] --output-file=[OUTPUT_FILE]
```

Replace `[TARGET_URL]` with the URL of the Confluence instance you want to target, and `[OUTPUT_FILE]` with the file you'd like to save vulnerable server details to.

Example:

```shell
python3 exploit.py normal https://example.com/confluence --output-file=vulnerable_servers.txt
```

### 2. Mass Mode 🔍

In mass mode, you can exploit the vulnerability using a list of target URLs from a file. Create a text file with one target URL per line and run the following command:

```shell
python3 exploit.py mass [FILE_NAME] --output-file=[OUTPUT_FILE]
```

Replace `[FILE_NAME]` with the name of the file containing the list of target URLs, and `[OUTPUT_FILE]` with the file you'd like to save vulnerable server details to.

Example:

```shell
python3 exploit.py mass targets.txt --output-file=vulnerable_servers.txt
```

## Example Output ℹ️

The script will provide information about the exploitation process, such as whether the vulnerability was successfully triggered, whether a new administrator was created, and whether authentication was successful.

```shell
[INFO] Successfully exploited https://example.com/confluence and logged in as admin!
```

## Disclaimer ⚠️

This script is provided for educational and informational purposes only. Use it responsibly and only on systems that you have permission to test. Unauthorized access to computer systems is illegal and unethical. 🚫
File Snapshot

 [4.0K]  /data/pocs/bdca627311c6356180e3159de2db43f90b0fda7a
├── [6.3K]  exploit.py
├── [2.3K]  README.md
└── [  64]  requirements.txt

0 directories, 3 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →