Share
## https://sploitus.com/exploit?id=8A3D2F49-8E81-56D5-A63D-C7CEC6201B2E
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ โโโโโโโโโโ โโโโโโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโโโโ โโโ โโโ โ
โ โโโโโโโโโโโ โโโโโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโ โโโ โ
โ โโโ โโโ โโโโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโโโโโโโโโ โโโโ โโโโโโโโโโโโโโโ โ
โ โโโ โโโโ โโโโโโโโโโ โโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโ โโโโโโโ โโโโโโโโโ โโโ โโโโโโโโโโโโโโโ โ
โ โโโโโโโโ โโโโโโโ โโโโโโโโ โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ โโโโโโโโโโโโโโโโโ โโโโโโโโโโโ โโโ โ
โ โโโโโโโ โโโโโ โโโโโโโโ โโโโโโโโ โโโโโโโ โโโโโโโโโโโโโโโโ โโโโโโโโ โโโโโโโ โโโโโโโโโโ โโโ โ
โ โ
โ ๐ฅ Atlassian Confluence RCE Exploitation Framework ๐ฅ โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
**ใ Automated OGNL Injection Exploit Tool ใ**
[Features](#-features) โข
[Installation](#-installation) โข
[Usage](#-usage) โข
[Technical](#-how-it-works) โข
---
## ๐ฏ Overview
**CVE-2022-26134** is a Go-based exploitation framework targeting a critical OGNL injection vulnerability in Atlassian Confluence Server/Data Center.
This zero-interaction exploit enables unauthenticated remote code execution through automated payload generation, HTTP delivery, and reverse shell establishment.
```go
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Vulnerability Details โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ CVE ID: CVE-2022-26134 โ
โ CVSS: 9.8 (Critical) โ
โ Type: OGNL Injection โ
โ Auth: Not Required โ
โ Vector: Network โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
---
## โจ Features
```
โญโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฎ
โ ๐ฏ Auto IP Detection โ ๐ One-Command Exploit โ ๐ Reverse Shell โ
โ ๐ก HTTP Payload Server โ ๐ญ OGNL Injection โ โก Zero Interaction โ
โฐโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโฏ
```
---
## ๐ ๏ธ Installation
### Prerequisites
```bash
โโ[ Requirements ]
โ
โโโ Go 1.16+
โโโ curl
โโโ Linux/MacOS
```
### Quick Setup
```bash
# Clone repository
git clone https://github.com/Hghost0x00/CVE-2022-26134-GO.git
# Navigate to directory
cd CVE-2022-26134-GO
# Build binary
go build -o cve-2022-26134 main.go
# Set permissions
chmod +x cve-2022-26134
```
---
## ๐ Usage
### Launch Exploit
```bash
./cve-2022-26134
```
### Interactive Prompts
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Configuration โ
โฃโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโซ
โ [*] Detected IP: 192.168.1.100 โ
โ โ
โ [+] Enter Target IP: _______________ โ
โ [+] Enter Port: ____ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
### Exploitation Flow
```
[1] ๐ Payload Generation
โโ> shell.sh created
[2] ๐ HTTP Server
โโ> Listening on :8000
[3] ๐ Reverse Listener
โโ> Awaiting on :4444
[4] ๐ OGNL Injection
โโ> Download shell script
โโ> Set permissions
โโ> Execute payload
[5] ๐ Shell Established
โโ> Connection from 192.168.1.50
```
---
## ๐ฌ Technical Details
### Exploitation Chain
**Phase 1: Reconnaissance**
- Auto-detect attacker IP
- Configure listening ports
**Phase 2: Payload Delivery**
- Generate bash reverse shell
- Serve via HTTP (port 8000)
- Open TCP listener (port 4444)
**Phase 3: Exploitation**
- OGNL expression injection
- Download to `/tmp/s.sh`
- Execute with elevated perms
### Vulnerable Versions
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ Version Range โ Status โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
๐บ COMING SOON: Full Walkthrough Video
Learn to build CVE automation tools from scratch:
โข Payload generation techniques
โข Exploitation logic design
โข End-to-end attack chain automation
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
**Subscribe for updates:** [youtube.com/@Hghost010](https://www.youtube.com/@Hghost010)
---
## ๐ License
**MIT License** โข See [LICENSE](LICENSE) for full details
---
## ๐จโ๐ป Author
**Hghost010**
[](https://github.com/Hghost0x00)
[](https://x.com/Hghost010)
---
## ๐ค Contributing
Contributions, issues, and feature requests are welcome!
**[Report Issues](https://github.com/Hghost0x00/CVE-2020-0618-GO/issues)** โข **[Submit PRs](https://github.com/Hghost0x00/CVE-2020-0618-GO/pulls)** โข **[Discussions](https://github.com/Hghost0x00/CVE-2020-0618-GO/discussions)**
---
```
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ โ
โ โญ Star this repo if you found it useful! โญ โ
โ โ
โ Made with ๐ for the security community โ
โ โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
```
**ยฉ 2025 Hghost010 โข Built for Security Researchers**