Run Pneuma agent using CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center allow remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request.
This TTP connects to Bitbucket, executes a basic command, and if successful, deploys a pneuma agent on the host.
To view this TTPs command, you must be logged in with a professional or enterprise license.Login
Test this TTP
Download Operator (1.7.1)