Conf-thief

Stealing All of the Confluence Things

Introducing Conf-Thief

I don’t have to explain to the experienced Red Teamer the treasure trove of secrets and intelligence data that can be found in the pages of an organization's Confluence instance. If the Red Teamer finds herself on a victim’s Confluence site this could mean finding secrets and sensitive data that might lead to an organization’s crown jewels. One might find account passwords, source code, or even private keys and addresses to cloud infrastructure. The victim account might not have access to ALL of the secrets within an organization, but chances are someone misconfigured access rights somewhere and the victim user probably has some unintended access to sensitive Confluence data.

Create API Token
Label your API Token
API Token
python3 conf_thief.py [-h] -c <TARGET URL> -u <Target Username> -p <API ACCESS TOKEN> -d <DICTIONARY FILE PATH>

Wrapping up

Hopefully this tool comes in handy for you on your next Red Team operation. I know it will for mine. Let me know if you have any more functionality ideas for this, or fork my repo and request a pull. I need to add threading to make the exporting and downloading go faster.

Red Team Pen Testing Nobody | OSCP | InfoSec | Tech Junkie | OIF Veteran | Tweets are mine, not yours, nor anyone else's... Certainly not my employer's