CVE-2023-23752

Joomla! < 4.2.8 - Unauthenticated information disclosure exploit

This Python script is an exploitation tool for an unauthenticated information disclosure vulnerability in Joomla! versions 4.0.0 up to 4.2.7. It allows for the disclosure of sensitive information from vulnerable Joomla! sites.

Description

The exploit targets a vulnerability identified as CVE-2023-23752, where unauthorized access to user and configuration data is possible due to improper access control in Joomla! web service endpoints. This script is designed to extract user information and configuration details from the target Joomla! site, providing insights into its setup and potentially sensitive data.
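
A defender-side triage for the affected range stated above (4.0.0 up to 4.2.7, fixed in 4.2.8). This is an added example, not part of the exploit script or of Joomla! itself. It assumes the installed version is read from the site's local manifest at administrator/manifests/files/joomla.xml; the site names and manifests below are constructed.

```python
import re
import xml.etree.ElementTree as ET

FIRST_AFFECTED = (4, 0, 0)  # from the page: 4.0.0 up to 4.2.7 are affected
FIXED_IN = (4, 2, 8)        # from the page: "< 4.2.8"

def version_from_manifest(xml_text):
    """Return the <version> text of a Joomla! manifest, or None if unreadable."""
    try:
        node = ET.fromstring(xml_text).find("version")
    except ET.ParseError:
        return None
    return node.text.strip() if node is not None and node.text else None

def classify(version):
    """Return 'affected', 'not affected' or 'unknown' for a version string."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.]+)?", version or "")
    if not m:
        return "unknown"
    core = tuple(int(part) for part in m.group(1, 2, 3))
    if m.group(4) and core in (FIRST_AFFECTED, FIXED_IN):
        return "unknown"  # pre-release of a boundary version: review by hand
    return "affected" if FIRST_AFFECTED <= core < FIXED_IN else "not affected"

def triage(manifests):
    """Map each site name to (version, status), given {site: manifest XML}."""
    report = {}
    for site, xml_text in manifests.items():
        version = version_from_manifest(xml_text)
        report[site] = (version, classify(version))
    return report

def _manifest(version):
    # Constructed stand-in for the manifest file (assumed layout).
    return ('<extension type="file" method="upgrade"><name>files_joomla</name>'
            f"<version>{version}</version></extension>")

# Constructed inventory: hypothetical site names and versions.
SAMPLE_MANIFESTS = {
    "intranet": _manifest("4.2.7"),
    "shop": _manifest("4.2.8"),
    "legacy": _manifest("3.10.11"),
    "staging": _manifest("4.2.8-rc1"),
    "broken": "<extension><version>",  # truncated file
}

if __name__ == "__main__":
    for site, (version, status) in triage(SAMPLE_MANIFESTS).items():
        print(f"{site:10} {version or '-':12} {status}")
```

Because the disclosed configuration includes database connection info, sites classified as affected should have those credentials rotated after upgrading.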

Prerequisites

  • Python 3.x
  • Requests library
  • Colorama library

To install the required Python libraries, run:

pip install requests colorama

Usage

The script can be executed from the command line, with the target URL as a mandatory argument. There are also options for debugging and disabling colored output.

python CVE-2023-23752.py <url> [options]

Arguments

  • url: Root URL (base path) of the target Joomla! site, including the HTTP scheme, port, and root folder if necessary.
  • --debug: Optional. If set, the script will print debug information, including the fetched data.
  • --no-color: Optional. If set, disables colored output for better compatibility with different terminal emulators.

Example

python CVE-2023-23752.py https://example.com

Features

  • Fetch and display user information (ID, name, username, email, and group names).
  • Fetch and display configuration details (site name, editor, captcha settings, database connection info, etc.).
  • Modular Python script with clear separation of concerns for ease of reading and maintenance.
  • Cross-platform compatibility with colorized output for enhanced readability.

Security Disclaimer

This tool is intended for educational and ethical hacking purposes only. Usage of this software for attacking targets without prior mutual consent is illegal. The developer assumes no liability and is not responsible for any misuse or damage caused by this program.

Acknowledgments

  • Vulnerability discovered by Zewei Zhang from NSFOCUS TIANJI Lab.
  • Original Ruby exploit script by noraj (Alexandre ZANNI) for ACCEIS.