CVE-2024-27198

This exploit leverages an authentication bypass vulnerability in JetBrains TeamCity by manipulating JSP handling and REST API endpoints to create an admin user without authentication.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity, to achieve remote code execution (RCE) by uploading a malicious plugin. The exploit leverages JSP-based command injection and requires no prior authentication.

This exploit demonstrates Remote Code Execution (RCE) on TeamCity servers by adding a user with system administration privileges and executing commands via exposed REST APIs. It includes functionality for both single-target exploitation and batch scanning.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity Server, by creating a new admin user via a crafted endpoint. It includes version checking and user creation with SYSTEM_ADMIN privileges.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity, to create an admin user and achieve remote code execution (RCE). The script automates the process of user creation, token generation, and CSRF token retrieval.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity before 2023.11.4, allowing unauthorized users to create admin accounts via a crafted POST request to '/hax?jsp=/app/rest/users;.jsp'.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in TeamCity, to create a new admin user. It checks the server version and attempts to exploit the vulnerable endpoint to add a user with SYSTEM_ADMIN privileges.

This PoC exploits CVE-2024-27198, an authentication bypass leading to RCE in JetBrains TeamCity. It adds a user, generates a token, and executes commands via the debug endpoint.

This PoC exploits CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity, to achieve remote code execution (RCE) by uploading a malicious plugin. The exploit leverages JSP payloads to execute arbitrary commands on the target system.

This repository provides a detailed technical analysis and simulation environment for CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity. It includes a Docker-based setup to demonstrate the exploit chain from authentication bypass to RCE via malicious plugin upload.

The repository contains a functional exploit for CVE-2024-27198, an authentication bypass vulnerability in JetBrains TeamCity versions 2023.11.3 and below. The exploit sends a crafted POST request to create a new admin user, leveraging the vulnerability to bypass authentication.

This repository contains a Python-based mass scanner and exploit for CVE-2024-27198, targeting JetBrains TeamCity authentication bypass and RCE. It includes multi-threaded scanning, admin user creation, and RCE validation via debug endpoints or plugin uploads.

This is a writeup describing the exploitation of CVE-2024-27198, an RCE vulnerability in TeamCity. It details the steps taken to upload a malicious plugin, achieve remote command execution via a webshell, and retrieve a flag from the target server.

This PoC exploits an authentication bypass vulnerability in JetBrains TeamCity (CVE-2024-27198) by crafting a malicious request with a JSP parameter to access authenticated endpoints. It demonstrates token extraction, user creation, plugin upload, and command execution.

This PoC exploits an authentication bypass vulnerability in JetBrains TeamCity (CVE-2024-27198) to create an admin account. It leverages a path traversal technique to bypass authentication and sends a crafted JSON payload to grant SYSTEM_ADMIN privileges.

The writeup details an authentication bypass vulnerability in JetBrains TeamCity (CVE-2024-27198) due to improper handling of the `jsp` parameter in `BaseController`, allowing unauthenticated access to arbitrary endpoints and RCE via admin privilege escalation.

This repository contains a writeup in Portuguese describing CVE-2024-27198, an unauthenticated RCE vulnerability in JetBrains TeamCity. No exploit code or technical details are provided in the snippet.

This Go-based exploit leverages an authentication bypass vulnerability in TeamCity Server (CVE-2024-27198) to create a new admin user via a vulnerable JSP endpoint. It checks the server version and exploits the flaw to add a SYSTEM_ADMIN user.

This Metasploit module exploits an authentication bypass vulnerability (CVE-2024-27198) in JetBrains TeamCity to create an administrator access token or user account, then uploads a malicious plugin for unauthenticated remote code execution.