Skip to content

p4b3l1t0/confusploit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

confluence_domains.txt

confluence_domains.txt

 
 

confusploit.py

confusploit.py

 
 

readme.md

readme.md

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

This is a Script to find vulnerable servers to CVE-2022-26134 and can be used together SHODAN CLI and Bash Scripting One-Liner

Please use only for legal and educational purposes

Confluence Pre-Auth Remote Code Execution via OGNL Injection (CVE-2022-26134)

  • On June 02, 2022 Atlassian released a security advisory for their Confluence Server and Data Center applications, highlighting a critical severity unauthenticated remote code execution vulnerability. The OGNL injection vulnerability allows an unauthenticated user to execute arbitrary code on a Confluence Server or Data Center instance.

Installation

Clone the repo:

git clone https://github.com/p4b3l1t0/confusploit.git && cd confusploit

Install requirements:

pip3 install -r requirements.txt

Give permissions:

chmod +x confusploit.py

Execute and choose your best option:

python3 confusploit.py

About

This is a python script that can be used with Shodan CLI to mass hunting Confluence Servers vulnerable to CVE-2022-26134

Resources

Readme
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages