Share
## https://sploitus.com/exploit?id=A9F1801D-9A3D-556F-A4DA-DD3BD891B23C
# CVE-2023-42793

TeamCity CVE-2023-42793 RCE (Remote Code Execution)  

## `rce.py`
Inspired by - https://www.prio-n.com/blog/cve-2023-42793-attacking-defending-JetBrains-TeamCity  

`python3 rce.py --url teamcity.runner.htb --command whoami`

## `exploit.py`
This script is copy of https://www.exploit-db.com/exploits/51884 made by [ByteHunter](https://www.exploit-db.com/?author=12126).  
**The script returns login credentials, it's not RCE!**

`python3 exploit.py -u teamcity.runner.htb`

**USE ONLY FOR EDUCATIONAL PURPOSES!**

> **_NOTE:_** This exploit is created as a PoC; use it only for educational purposes or CTFs - https://flojboj.org/article/Runner