exploit-cve-2023-23752's Introduction

Joomla! information disclosure - CVE-2023-23752 exploit

Joomla! < 4.2.8 - Unauthenticated information disclosure

Exploit for CVE-2023-23752 (4.0.0 <= Joomla <= 4.2.7).

Usage

Example

Requirements

Example using gem:

gem install httpx docopt paint
# or
bundle install

Deployment of a vulnerable environment

v4.2.7

docker-compose up --build

Then reach the installation page http://127.0.0.1:4242/installation/index.php.

Complete the installation (db credentials are root / MYSQL_ROOT_PASSWORD (cf. docker-compose.yml) and host is mysql not localhost).

Warning: of course this setup is not suited for production usage!

References

This is an exploit for the vulnerability CVE-2023-23752 found by Zewei Zhang from NSFOCUS TIANJI Lab.

Nice resources about the vulnerability:

For more details see exploit.rb.

Disclaimer

ACCEIS does not promote or encourage any illegal activity, all content provided by this repository is meant for research, educational, and threat detection purpose only.

exploit-cve-2023-23752's People

Contributors

Stargazers

Watchers

exploit-cve-2023-23752's Issues

undefined method `each' for nil:NilClass (NoMethodError)

Command :

ruby exploit.rb <host> --debug

Error:

exploit.rb:71:in `parse_users': undefined method `each' for nil:NilClass (NoMethodError)

  data.each do |user|
      ^^^^^
        from exploit.rb:85:in `display_users'
        from exploit.rb:135:in `<main>'

Please help

not working in version joomla 3.10.0-alpha1

[INF] No results found. Better luck next time!

Json parse error

ruby exploit.rb http://127.0.0.1:8080/pnns

/data/data/com.termux/files/usr/lib/ruby/3.2.0/json/common.rb:216:in parse': unexpected token at '' (JSON::ParserError) from /data/data/com.termux/files/usr/lib/ruby/3.2.0/json/common.rb:216:in parse'
from exploit.rb:69:in parse_users' from exploit.rb:85:in display_users'
from exploit.rb:135:in `

Recommend Projects

acceis / exploit-cve-2023-23752 Goto Github PK