Hackers can abuse 33000 public Jira Atlassian environments with this simple Google Dork

Google Dorks are extremely powerful, they allow you to have a quick view on specific values by using the Google Search Engine and queries.

In this example, we will explain to you the Google Dork which you can use to find public hosted Jira Atlassian environments.

What is JIRA

Jira is a proprietary issue tracking product developed by Atlassian which allows bug tracking and agile project management. The product name is a truncation of Gojira, the Japanese word for Godzilla, which is a reference to a competitor, Bugzilla.

Finding Atlassian JIRA environments

intext:Powered by a free Atlassian Jira evaluation license. Please consider purchasing it today. -atlassian.com

Attention needed

The information that is given back by JIRA can be used by cyber-criminals and threat actors to target those environments. The threat actor can be aware of the product which is being used, and can act as a certified JIRA reseller which can give ‘free’ licenses, the only thing the individual/target has to do, is to download the (malicious) PDF file.