Tidy the docs, fix the username

The username can not contain capital letters, or the operation will fail.
rapid7 · Oct 19, 2023 · ee0e5b9 · ee0e5b9
1 parent c79cc5a
commit ee0e5b9
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 10 deletions.
diff --git a/documentation/modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.md b/documentation/modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.md
@@ -1,9 +1,8 @@
-# Description
-
+## Vulnerable Application
 This module exploits an Broken Access Control vulnerability in Atlassian Confluence servers leads to Authentication Bypass.
 
 A specially crafted request can be create new admin account without authorization in the Atlassian server.
-## Vulnerable Application
+
 Affecting Atlassian Confluence from version 8.0.0 to before 8.3.3, from version 8.4.0 before 8.4.3 and from version 8.5.0 before 8.5.2.
 
 ## Verification Steps
@@ -18,16 +17,23 @@ Affecting Atlassian Confluence from version 8.0.0 to before 8.3.3, from version
 8. `set NEW_USERNAME <username>`
 9. `set NEW_PASSWORD <password>`
 10. `run`
-11. You should get a new admin account. 
+11. You should get a new admin account.
 
 ## Options
-- **TARGETURI**: Path to Atlassian Confluence installation ("/" is the default)
-- **NEW_USERNAME**: Username to be used when creating a new user with admin privileges.
-- **NEW_PASSWORD**: Password to be used when creating a new user with admin privileges.
-- **NEW_EMAIL**: E-mail to be used when creating a new user with admin privileges.
+### TARGETURI
+Path to Atlassian Confluence installation ("/" is the default)
+
+### NEW_USERNAME
+Username to be used when creating a new user with admin privileges. The username must not contain capital letters.
+
+### NEW_PASSWORD
+Password to be used when creating a new user with admin privileges.
+
+### NEW_EMAIL
+E-mail to be used when creating a new user with admin privileges.
 
 ## Scenarios
-## Tested on Confluence Server 8.0.0 with Linux target (Ubuntu 20.04)
+### Tested on Confluence Server 8.0.0 with Linux target (Ubuntu 20.04)
 ```
 msf6 > use auxiliary/multi/http/atlassian_confluence_auth_bypass
 msf6 > auxiliary(admin/http/atlassian_confluence_auth_bypass) > set RHOSTS <YOUR_TARGET>

diff --git a/modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.rb b/modules/auxiliary/admin/http/atlassian_confluence_auth_bypass.rb
@@ -42,7 +42,7 @@ def initialize(info = {})
 
     register_options([
       OptString.new('TARGETURI', [true, 'Base path', '/']),
-      OptString.new('NEW_USERNAME', [true, 'Username to be used when creating a new user with admin privileges', Rex::Text.rand_text_alpha(8)]),
+      OptString.new('NEW_USERNAME', [true, 'Username to be used when creating a new user with admin privileges', Faker::Internet.username], regex: /^[a-z._@]+$/),
       OptString.new('NEW_PASSWORD', [true, 'Password to be used when creating a new user with admin privileges', Rex::Text.rand_text_alpha(8)]),
       OptString.new('NEW_EMAIL', [true, 'E-mail to be used when creating a new user with admin privileges', Faker::Internet.email])
     ])