Share
## https://sploitus.com/exploit?id=B501F96A-3231-5C80-BADB-EFBFF5D0D66E
# Executing Arbitrary Code In Confluence Memory

[CVE-2023-22527](https://nvd.nist.gov/vuln/detail/CVE-2023-22527) is a widely known vulnerability affecting Atlassian Confluence. Most exploits for this vulnerability use `freemarker.template.utility.Execute()` to execute an operating system command, but they can do so much better. In this repository you'll find three [go-exploit](https://github.com/vulncheck-oss/go-exploit) implementations of CVE-2023-22527 that execute their payload without touching disk (at least until the user directs them to).

You will find the exploits in the following subdirectories

* webshell: loads a webshell into memory
* reverseshell: loads a reverse shell into memory
* nashorn: loads a Nashorn JavaScript reverse shell into memory (only affects Atlassian Confluence using Java below version 15)

## Compiling

All the repositories come with a dockerfile. To build it simply:

```
make docker
```

If you have a Go (and Java) build environment handy, you can also just use `make`:

```
albinolobster@mournland:~/cve-2023-22527/webshell$ make
gofmt -d -w cve-2023-22527.go 
golangci-lint run --fix cve-2023-22527.go
javac ABCDEFG.java -classpath ./lib/servlet-api.jar
Note: ABCDEFG.java uses or overrides a deprecated API.
Note: Recompile with -Xlint:deprecation for details.
GOOS=linux GOARCH=arm64 go build -o build/cve-2023-22527_linux-arm64 cve-2023-22527.go
```