Skip to content

davidfortytwo/CVE-2023-22518

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

CVE-2023-22518

Checker for CVE-2023-22518 and CVE-2023-22515 critical vulnerabilities in Confluence.

Description

This script is designed to check for and exploit vulnerabilities in Atlassian Confluence instances. It checks for the vulnerability CVE-2023-22518, and exploits the vulnerability CVE-2023-22515 to create a new administrator account if the instance is vulnerable (using code from Chocapikk)

Usage Guide:

Installation:

  • Ensure you have Python 3 installed on your machine.

  • Install the required libraries using the command:

      pip install -r requirements.txt
    

Running the script:

  • Single Instance Check and Exploit:

  • Use the command:

    python CVE-2023-22518.py -i <instance-url> -o <output-file>
    

-Replace with the URL of the Confluence instance you want to check and exploit.

  • Replace with the name of the file where you want to save any successful exploits. This argument is optional.

For example:

python CVE-2023-22518.py -i https://example.com/confluence -o exploits.txt

Legal Disclaimer:

This script is intended for educational and authorized testing purposes only. The user is responsible for ensuring that they have the necessary permissions to engage in testing activities on the target Confluence instance(s). Unauthorized access to computer systems is illegal, and users should ensure compliance with all applicable laws and regulations. The developer(s) assume no liability and are not responsible for any misuse or damage caused by this script.

About

Checker for CVE-2023-22518 vulnerability on Confluence

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages