https://github.com/chocapikk/cve-2022-26134
CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
https://github.com/chocapikk/cve-2022-26134
Last synced: 3 months ago
JSON representation
CVE-2022-26134 - Pre-Auth Remote Code Execution via OGNL Injection
- Host: GitHub
- URL: https://github.com/chocapikk/cve-2022-26134
- Owner: Chocapikk
- Created: 2022-06-13T23:01:39.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2022-10-19T16:27:48.000Z (over 3 years ago)
- Last Synced: 2025-04-13T17:07:37.726Z (about 1 year ago)
- Language: Python
- Size: 8.79 KB
- Stars: 4
- Watchers: 2
- Forks: 1
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# [-] CVE-2022-26134 - Confluence Pre-Auth Remote Code Execution via OGNL Injection
## Usage
```bash
usage: exploit.py [-h] [-f FILE] [-c CMD] [-p LPORT] [-l LHOST] [-u URL] [-o OUTPUT]
options:
-h, --help show this help message and exit
-f FILE, --file FILE example.txt
-c CMD, --cmd CMD Shell command
-p LPORT, --lport LPORT
Local port for reverse shell
-l LHOST, --lhost LHOST
Local host for reverse shell
-u URL, --url URL Base target uri (ex. http://target-uri/)
-o OUTPUT, --output OUTPUT
```
## Shodan Dorks
```bash
shodan search 'http.favicon.hash:-305179312' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
shodan search 'http.component:"atlassian confluence"' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
shodan search 'http.title:"Log In - Confluence" 200' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
shodan search 'http.component:"atlassian confluence" http.title:"Log In - Confluence" 200' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
shodan search 'http.component:"atlassian confluence"' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
shodan search 'http.favicon.hash:-305179312 200' --fields ip_str,port --limit 500 --separator ":" | sed 's/.$//'
```
## Zoomeye Dorks
```bash
zoomeye search 'iconhash:-305179312' -num 800 -filter=ip,port
zoomeye search 'app:"atlassian confluence"' -num 800 -filter=ip,port
zoomeye search 'title:"Log In -Confluence"' -num 800 -filter=ip,port
```