CVE-2022-26134

This exploit leverages an OGNL injection vulnerability in Confluence Data Center to achieve remote code execution. It sends a crafted HTTP request with a malicious payload to execute arbitrary commands on the target system.

This repository contains a collection of exploit PoCs for various CVEs, including CVE-2022-26134. The main script, Serein.py, is a multi-nday batch exploitation tool that integrates multiple exploit modules for vulnerabilities like RCE, SQL injection, and unauthorized access.

This repository contains a working exploit for CVE-2022-26134, which targets a vulnerability in Apache Struts2. The exploit injects a Godzilla memory shell into the target system using a JavaScript payload and Java reflection techniques.

This is a functional proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It includes two exploit methods: a reverse shell and a file reader, both tested against vulnerable versions.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit allows unauthenticated remote code execution by injecting a malicious OGNL expression into the target URL.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence allowing unauthenticated remote code execution. The exploit sends a crafted HTTP request with an OGNL payload to execute arbitrary commands on the target system.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. It includes both a proof-of-concept check and an interactive shell for remote command execution via Nashorn JavaScript engine.

This is a functional exploit for CVE-2022-26134, an unauthenticated remote code execution vulnerability in Confluence Server and Data Center. It leverages OGNL injection to execute arbitrary commands and retrieves the output via HTTP headers.

This is a honeypot implementation for CVE-2022-26134, an unauthenticated remote OGNL injection vulnerability in Atlassian Confluence. It logs exploitation attempts and returns mock responses without allowing actual command execution.

This repository contains a Python script that exploits CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit sends a crafted payload to execute arbitrary commands on vulnerable instances and checks for the presence of an 'X-Response' header to confirm exploitation.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit allows unauthenticated remote code execution by injecting malicious OGNL expressions into the target URL.

This repository contains a Go-based scanner and exploit for CVE-2022-26134, a pre-auth OGNL injection vulnerability in Confluence leading to remote code execution. The tool detects vulnerable Confluence instances and executes arbitrary commands via a crafted payload.

This repository contains a functional PoC for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit allows unauthenticated remote code execution by injecting a malicious payload into the target server, which executes arbitrary commands and returns the output in the response header.

This repository contains a working PoC for CVE-2022-26134, a vulnerability in Apache Struts2, which exploits a remote code execution flaw to deploy a Behinder memory shell. The exploit uses a JavaScript payload to dynamically load and execute a malicious class in memory.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit sends a crafted payload to execute arbitrary commands on vulnerable systems and includes a Shodan script to identify potential targets.

This repository contains scripts to detect indicators of compromise (IOCs) related to CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The scripts check for malicious IPs in logs and verify file hashes of potentially compromised files.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Confluence Server and Data Center. It constructs a malicious payload to execute arbitrary commands via a crafted URL, leveraging Java's ProcessBuilder for command execution.

This repository contains a functional exploit for CVE-2022-26134, a Confluence RCE vulnerability, with a GUI interface for executing commands and reverse shells. The PoC includes multiple Confluence CVEs and supports proxy configurations.

This repository contains a functional exploit for CVE-2022-26134, a pre-authentication remote code execution vulnerability in Atlassian Confluence via OGNL injection. The exploit supports both direct command execution and reverse shell payloads, with options for interactive shell sessions.

This is a functional proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. It executes arbitrary commands (e.g., 'id') via a crafted URL path and retrieves the output via the 'X-Cmd-Response' header.

This repository contains a Python-based PoC for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit allows unauthenticated remote code execution by injecting malicious OGNL expressions via HTTP requests.

This repository provides a detailed analysis of CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It includes detection strategies, mitigation plans, and indicators of compromise (IOCs) but does not contain exploit code.

This repository contains a working proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit uses a crafted HTTP request to execute arbitrary commands via the Nashorn JavaScript engine.

This repository contains a functional proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit allows unauthenticated remote code execution by injecting a payload that executes arbitrary commands and returns the output in an HTTP response header.

This repository contains a Python script that checks for the presence of CVE-2022-26134, a remote code execution vulnerability in Atlassian Confluence. The script sends an HTTP GET request to a specific endpoint and checks the response for indicators of vulnerability.

This repository provides a Docker-based vulnerable environment for CVE-2022-26134, an OGNL injection vulnerability in Confluence Server/Data Center. It includes detection via Nuclei, demonstrating unauthenticated RCE via URI-based payloads.

This repository contains a writeup and video PoC for CVE-2022-26134, an unauthenticated OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The vulnerability allows remote code execution without authentication.

This repository contains a functional PoC for CVE-2022-26134, an unauthenticated OGNL injection vulnerability in Atlassian Confluence. The exploit leverages a crafted payload to execute arbitrary commands and retrieve output via HTTP response headers.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Apache Struts2, allowing remote command execution via crafted payloads. It includes both command execution and reverse shell capabilities.

This is a functional exploit for CVE-2022-26134, targeting an OGNL injection vulnerability in Atlassian Confluence. It supports reverse shell execution and file reading via crafted payloads sent to the vulnerable endpoint.

This PoC exploits CVE-2022-26134, a remote code execution vulnerability in Apache Struts2, by sending a crafted HTTP request with an OGNL expression to execute arbitrary commands. The script reads target URLs from a file and checks for vulnerability by executing the 'id' command.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It allows unauthenticated remote code execution by injecting a payload via a crafted URL.

This repository contains a functional Python exploit for CVE-2022-26134, an unauthenticated OGNL injection vulnerability in Atlassian Confluence. The exploit supports command execution, reverse shells, file uploads, and log cleaning.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. It allows remote command execution by leveraging an OGNL expression to execute arbitrary commands and retrieve their output via HTTP headers.

This repository contains a functional Python-based proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit allows unauthenticated remote code execution by injecting a malicious payload into the target URL, which executes arbitrary commands and returns the output via the 'X-Cmd-Response' header.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence, allowing unauthenticated remote code execution via crafted HTTP requests. The script uses the `pocsuite3` framework to verify and exploit the vulnerability by injecting an OGNL expression that executes the `id` command.

This repository contains a functional Python-based proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit allows unauthenticated remote code execution by injecting a malicious payload into the target URL, which leverages Java runtime commands to execute arbitrary system commands.

This repository provides a working proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit leverages a crafted payload to achieve remote code execution (RCE) by injecting OGNL expressions that execute system commands.

This is a functional PoC for CVE-2022-26134, an unauthenticated OGNL injection vulnerability in Atlassian Confluence. It exploits the vulnerability to execute arbitrary commands via a crafted payload and retrieves the output via the X-Response header.

This is a Python-based exploit for CVE-2022-26134, an OGNL injection vulnerability in Confluence. It allows remote command execution by crafting a malicious URL with an OGNL payload that executes arbitrary commands and returns the output via a custom HTTP header.

This is a functional PoC for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It allows unauthenticated remote code execution by injecting malicious OGNL expressions via a crafted HTTP request.

This PoC exploits CVE-2022-26134, a remote code execution vulnerability in Atlassian Confluence. It uses an OGNL injection via a crafted URL to execute arbitrary commands (e.g., 'id') and retrieves the output via the 'X-Cmd-Response' header.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Confluence Server and Data Center, allowing unauthenticated remote code execution via a crafted URL. The script uses the pocsuite3 framework to verify and exploit the vulnerability by executing the 'id' command.

This exploit leverages an OGNL injection vulnerability in Apache Struts2 (CVE-2022-26134) to execute arbitrary commands on the target system. The payload uses reflection to invoke Java Runtime.exec() and returns the command output via an HTTP response header.

This repository is a writeup for CVE-2022-26134, an unauthenticated RCE vulnerability in Atlassian Confluence Server and Data Center. It provides explanations, references, and links to exploitation resources but does not contain actual exploit code.

This is a functional Ruby exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence allowing unauthenticated remote code execution. The script sends a crafted HTTP request to execute arbitrary commands via OGNL injection and retrieves output via response headers.

This repository contains a Python-based exploit for CVE-2022-26134, targeting a command injection vulnerability in Apache Struts2. The exploit bypasses `isSafeExpression` checks and supports both single-command execution and an interactive shell mode.

This repository provides a Yara rule for detecting exploits targeting CVE-2022-26134, a critical RCE vulnerability in Atlassian Confluence. It includes instructions for using ClamAV to scan for indicators of compromise.

This exploit leverages CVE-2022-26134, an OGNL injection vulnerability in Apache Struts2, to execute arbitrary commands via a crafted payload. The payload uses runtime execution and response header manipulation to return command output.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Apache Struts2, to execute arbitrary commands (e.g., 'id') via a crafted URL. The exploit leverages the vulnerable endpoint to trigger command execution and retrieves the output via a custom HTTP header.

This repository contains a functional PoC exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit leverages unauthenticated remote code execution via a crafted URI path to execute arbitrary commands on the target system.

This repository provides a detailed technical analysis of CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It includes root cause analysis, patch details, detection tools, and forensic artifacts.

This repository contains a functional Python exploit for CVE-2022-26134, an unauthenticated OGNL injection vulnerability in Atlassian Confluence. The exploit supports RCE via base64-encoded commands, file reads, and reverse shells, with additional features like vulnerability checks and interface-to-address resolution.

The repository contains a functional Python exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit sends a crafted payload to execute arbitrary commands on vulnerable Confluence Server or Data Center instances, with the output returned in the 'X-Cmd-Response' header.

This repository contains a functional Python exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit sends a crafted payload to execute arbitrary commands on vulnerable Confluence Server or Data Center instances, with the output returned in the 'X-Cmd-Response' header.

This is a Python-based exploit for CVE-2022-26134, an unauthenticated remote code execution vulnerability in Atlassian Confluence Server and Data Center. It leverages OGNL injection to execute arbitrary commands on vulnerable systems.

The repository contains only a README.md with minimal and incomplete information about CVE-2022-26134, mentioning Atlassian Confluence Data Center 2016 and OGNL injection. No functional exploit code or technical details are provided.

This repository provides a functional proof-of-concept exploit for CVE-2022-26134, an unauthenticated RCE vulnerability in Atlassian Confluence. The exploit leverages OGNL injection via the Nashorn JavaScript engine to execute a reverse shell payload.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Confluence Server, allowing remote command execution via crafted HTTP requests. It includes interactive command execution and a backdoor creation feature using netcat.

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. It allows unauthenticated remote code execution by crafting a malicious request that executes arbitrary commands via Runtime.exec().

This is a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence allowing pre-authentication remote code execution. The exploit sends a crafted HTTP request with an OGNL payload to execute arbitrary commands on the target system.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit allows unauthenticated remote code execution by injecting a malicious OGNL expression into the target URL.

This is a functional PoC for CVE-2022-26134, an OGNL injection vulnerability in Confluence Server and Data Center. The script exploits the vulnerability to execute arbitrary commands via a crafted URI, retrieving the output in the response headers.

This repository contains a detailed writeup on CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence leading to unauthenticated remote code execution. It includes exploitation details, detection methods, and patching guidance.

This Go-based PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Apache Struts2, to achieve remote command execution via crafted HTTP requests. It checks for vulnerability presence and allows interactive command execution on vulnerable targets.

This is a functional PoC for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence Server and Data Center. The exploit leverages the `pocsuite3` framework to execute arbitrary commands (e.g., `id`) via a crafted URL and checks for the presence of the `X-Cmd-Response` header in the response.

This is a functional PoC for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence allowing unauthenticated remote code execution. The script sends a crafted HTTP request to trigger the vulnerability and checks for the presence of command execution output in the response headers.

This PoC exploits CVE-2022-26134, a remote code execution vulnerability in Atlassian Confluence. It uses an OGNL injection via a crafted URL to execute arbitrary commands (e.g., 'id') and retrieves the output via the 'X-Cmd-Response' header.

This is a PoC for CVE-2022-26134, a remote code execution vulnerability in Atlassian Confluence. The exploit uses a crafted URL with OGNL injection to execute arbitrary commands (e.g., 'id') and retrieves the output via the 'X-Cmd-Response' header.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence, to achieve remote code execution. It sends a crafted HTTP request with an OGNL payload to execute the 'id' command and retrieves the output via the 'X-Cmd-Response' header.

This PoC exploits CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence, allowing remote command execution via a crafted payload. It checks the target version and executes arbitrary commands, returning the output via an HTTP header.

This repository contains a functional proof-of-concept exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit allows remote command execution by leveraging the vulnerable endpoint to execute arbitrary commands via a crafted payload.

This repository contains a scanner for CVE-2022-26134, an OGNL injection vulnerability in Confluence Server/Data Center. It queries Shodan for potential targets and checks for vulnerability by executing a 'whoami' command via the payload.

This repository contains a Python script that scans for CVE-2022-26134, a remote code execution vulnerability in Atlassian Confluence. The script checks for the presence of the vulnerability by attempting to execute the 'id' command and checking for a response containing 'uid'.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence. The exploit allows remote code execution (RCE) via crafted HTTP requests, supporting reverse shell and file read operations.

This repository contains a functional exploit for CVE-2022-26134, an OGNL injection vulnerability in Confluence Server. The exploit allows remote command execution by crafting a malicious payload that is sent to the target server, leveraging the vulnerable endpoint to execute arbitrary commands.

This Metasploit module exploits CVE-2022-26134, an OGNL injection vulnerability in Atlassian Confluence, to achieve remote code execution. It uses a crafted URI to inject OGNL expressions, enabling command execution on Unix and Windows systems.