CVE-2017-8917 PoC — Joomla! SQL注入漏洞

Source

https://github.com/BaptisteContreras/CVE-2017-8917-Joomla

Associated Vulnerability

Title:Joomla! SQL注入漏洞 (CVE-2017-8917)
Description:Joomla!是美国Open Source Matters团队的一套使用PHP和MySQL开发的开源、跨平台的内容管理系统(CMS)。 Joomla! 3.7.1之前的3.7.x版本中存在SQL注入漏洞。远程攻击者可利用该漏洞执行任意SQL命令。

Description

CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0 exploit

Readme

# CVE-2017-8917-Joomla

Python script to exploit the CVE-2017-8917 SQL injection Vulnerability in Joomla! 3.7.0

Created for **educational purposes only**. Used for the [**TryHackMe Dailybugle CTF**](https://tryhackme.com/room/dailybugle)



## Advisory

All the scripts/binaries in this repository should be used for authorized penetration testing and/or educational purposes only. Any misuse of this software will not be the responsibility of the author or of any other collaborator. Use it at your own networks and/or with the network owner's permission.


## Usage

```
python3 main.py --host x.x.x.x [--debug]
```

## Example

On the [**TryHackMe Dailybugle CTF**](https://tryhackme.com/room/dailybugle)

![result.png](result.png)

File Snapshot


 [4.0K]  /data/pocs/dea0879794484318573a55c4be8ab84b3901da0b
├── [ 542]  docker-compose.yaml
├── [ 11K]  main.py
├── [ 735]  README.md
└── [373K]  result.png

0 directories, 4 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!