Openfire Plugin Reverse Shell

Repo: https://github.com/miko550/CVE-2023-32315

Steps:

1) Upload the .jar plugin from the github repo you cloned to target

2) Go to: Server -> Server Settings -> Management Tool. Password is 123

3) Go to system command

4) Setup a listener then run a powershell base64 encoded payload to catch the reverse shell. Use https://www.revshells.com/ to craft the payload according to your IP and PORT.