This repository contains an exploit for a vulnerability named "Joomla Unauthenticated Information Disclosure" (CVE-2023-23752). Please note that this is merely a proof-of-concept script created for educational purposes and should be used responsibly.
This exploit is designed to demonstrate how an unauthenticated information disclosure vulnerability could potentially be exploited.
This repository is intended for educational purposes only. Do not use this code or any information contained within for malicious purposes. Always follow ethical guidelines and respect the law.
Usage:
python3 juid.py [option] URL
Example:
python3 juid.py -a http://vulnerable-website.com
Options:
-u dump users
-U dump users in full JSON format
-c dump configs
-C dump configs in full JSON format
-a dump users and configs
-A dump users and configs in full JSON format
Prerequisites:
• A local development environment
• Python installed (python version should be 3.10 or higher)
• To run this exploit, you can follow these steps:
Clone this repository to your local machine.
git clone https://github.com/AlissonFaoli/CVE-2023-23752.git
Navigate to the project directory.
cd CVE-2023-23752
Run the juid.py script.
python3 juid.py -a http://vulnerable-website.com
Please remember that this exploit should never be used against real software or systems you're not authorized to test. Unauthorized access or any malicious activity is illegal.
This exploit is released under the MIT License. You can find more information about this in the LICENSE file.
Github: https://github.com/AlissonFaoli
LinkedIn: https://linkedin.com/in/alisson-faoli
If you have any questions or concerns about this exploit, please feel free to contact the author