AtlasReaper is a command-line suite developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It also provides various features that can be helpful for tasks such as credential farming and social engineering. The tool is written in C#.
AtlasReaper uses commands, subcommands, and options. The format for executing commands is as follows:
.\AtlasReaper.exe [command] [subcommand] [options]Replace [command], [subcommand], and [options] with the appropriate values based on the action you want to perform. For more information about each command or subcommand, use the -h or –help option.
Below is a list of available commands and subcommands:
Commands
Each command has sub commands for interacting with the specific product.
confluence
jira
Subcommands
Confluence
- confluence attach – Attach a file to a page.
- confluence download – Download an attachment.
- confluence embed – Embed a 1×1 pixel image to perform farming attacks.
- confluence link – Add a link to a page.
- confluence listattachments – List attachments.
- confluence listpages – List pages in Confluence.
- confluence listspaces – List spaces in Confluence.
- confluence search – Search Confluence.
Jira
jira addcomment - Add a comment to an issue.
jira attach - Attach a file to an issue.
jira createissue - Create a new issue.
jira download - Download attachment(s) from an issue.
jira listattachments - List attachments on an issue.
jira listissues - List issues in Jira.
jira listprojects - List projects in Jira.
jira listusers - List Atlassian users.
jira searchissues - Search issues in Jira.
Common Commands
help - Display more information on a specific command.
Examples
Here are a few examples of how to use AtlasReaper:
- Search for a keyword in Confluence with wildcard search:
.\AtlasReaper.exe confluence search --query "httpexample.com" --url $url --cookie $cookie- Attach a file to a page in Confluence:
.\AtlasReaper.exe confluence attach --page-id "12345" --file "C:\path\to\file.exe" --url $url --cookie $cookie- Create a new issue in Jira:
.\AtlasReaper.exe jira createissue --project "PROJ" --issue-type Task --message "I can't access this link from my host" --url $url --cookie $cookieAuthentication
Confluence and Jira can be configured to allow anonymous access. You can check this by supplying omitting the -c/–cookie from the commands.
In the event authentication is required, you can dump cookies from a user’s browser with SharpChrome or another similar tool.
- .\SharpChrome.exe cookies /showall
- Look for any cookies scoped to the *.atlassian.net named cloud.session.token or tenant.session.token
Installation using Visual Studio
- Clone the repository
git clone https://github.com/werdhaihai/AtlasReaper.git- Open the solution, AtlasReaper.sln, in Visual Studio
- Go to Tools -> NuGet Package Manager -> Package Manager Console to open the NuGet console and enter the following to install dependencies.
Install-Package Fody
Install-Package Costura.Fody
Install-Package Newtonsoft.Json
Install-Package CommandLineParser- After the packages are installed, build the project as Release. Go to Build -> Build Solution.
Limitations
Please note the following limitations of AtlasReaper:
The tool has not been thoroughly tested in all environments, so it’s possible to encounter crashes or unexpected behavior. Efforts have been made to minimize these issues, but caution is advised.
AtlasReaper uses the cloud.session.token or tenant.session.token which can be obtained from a user’s browser. Alternatively, it can use anonymous access if permitted. (API tokens or other auth is not currently supported)
For write operations, the username associated with the user session token (or “anonymous”) will be listed.
Contributing
If you encounter any issues or have suggestions for improvements, please feel free to contribute by submitting a pull request or opening an issue in the AtlasReaper repo.
