CVE-2015-8562 PoC — Joomla! Core 远程代码执行漏洞

Source

https://github.com/ZaleHack/joomla_rce_CVE-2015-8562

Associated Vulnerability

Title:Joomla! Core 远程代码执行漏洞 (CVE-2015-8562)
Description:Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla!中存在安全漏洞。远程攻击者可借助HTTP User-Agent头利用该漏洞实施PHP对象注入攻击，执行任意PHP代码。以下版本受到影响：Joomla! 1.5.x版本，2.x版本，3.4.6之前3.x版本。（在2015年12月广泛利用）

Description

All versions of the Joomla! below 3.4.6 are known to be vulnerable. But exploitation is possible with PHP versions below 5.5.29, 5.6.13 and below 5.5.

Readme

# joomla_rce_CVE-2015-8562
All versions of the Joomla! below 3.4.6 are known to be vulnerable. But exploitation is possible with PHP versions below 5.5.29, 5.6.13 and below 5.5.



Démo : https://www.youtube.com/watch?v=twqYpn1ir4o

File Snapshot


 [4.0K]  /data/pocs/ae07c1511f00f4c89a9afb40809a97520dd2901d
├── [1.5K]  joomla_rce_CVE-2015-8562
└── [ 233]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!