Joomla 3.2 to 3.4.4 Remote SQL Injection Mass Exploit
Switch branches/tags
Nothing to show
Clone or download
Latest commit 6c38393 Jun 13, 2017
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
README.md Image Fixed. Jun 13, 2017
joomla_sqli_mass_exploit.py Create joomla_sqli_mass_exploit.py Oct 28, 2015

README.md

Joomla 3.2 to 3.4.4 Remote SQL Injection Mass Exploit

Exploit Title
- Joomla 3.2 to 3.4.4 Remote SQL Injection Mass Exploit
Date
- 25-10-2015
Requirements
- Python 3.4.x , Requests module (python -m pip install requests)
Vulnerable Version
- https://github.com/joomla/joomla-cms/releases/download/3.4.4/Joomla_3.4.4-Stable-Full_Package.zip
Vulnerability found by
- trustwave.com
Exploit Author
- Mukarram Khalid
Home Page
- mukarramkhalid.com
Tested on
- Windows 8.1 / Ubuntu 14.04
CVE
- CVE-2015-7297, CVE-2015-7857 and CVE-2015-7858
Blog Post
- https://mukarramkhalid.com/mass-exploit-joomla-3-2-to-3-4-sql-injection/

Read the blog post for some known issues.
Change Google Dork at line 106.

Preview