关联漏洞
标题:
Joomla 安全漏洞
(CVE-2023-23752)
描述:Joomla是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla 4.0.0版本至4.2.7版本存在安全漏洞,该漏洞源于不正确的访问检查,允许对web服务端点进行未经授权的访问。
描述
simple program for joomla scanner CVE-2023-23752 with target list
介绍
# CVE-2023-23752
- This is a proof-of-concept code for the CVE-2023-23752 vulnerability. It allows an attacker to extract sensitive information such as usernames, passwords, and database names from a target application.
- Bulk scanner + get config + ip target from CVE-2023-23752
## Screenshot
## Installations
- clone this repository
- install the requirements
```
git clone https://github.com/MrP4nda1337/CVE-2023-23752
```
```
cd CVE-2023-23752
```
```
pip3 install -r requirements.txt
```
```
python3 run.py
```
Open Target Vuln
-----------------
cd CVE-2023-23752/data/result
Disclaimer
-----------------
This code is for educational purposes only and should not be used for illegal activities. The author is not responsible for any damage or harm caused by the use or misuse of this code.
文件快照
[4.0K] /data/pocs/63b2dfb9d6959bdd46b5f4499e475480cc85abf3
├── [4.0K] data
│ ├── [2.0K] banner.txt
│ ├── [4.0K] result
│ │ └── [ 0] empty.txt
│ └── [678K] user-agents.txt
├── [4.0K] extra
│ ├── [ 0] __init__.py
│ ├── [ 872] parser.py
│ └── [ 479] requester.py
├── [ 17] gitignore
├── [4.0K] img
│ ├── [ 1] images
│ ├── [ 70K] jomlaa.png
│ └── [ 98K] ss.jpg
├── [1017] README.md
├── [ 104] requirements.txt
├── [1.8K] run.py
└── [ 72K] target.txt
4 directories, 14 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。