CVE-2023-23752 PoC — [20230201] - Core - Improper access check in webservice endpoints

Source

Associated Vulnerability

Description

simple program for joomla scanner CVE-2023-23752 with target list

Readme

# CVE-2023-23752
![](https://github.com/MrP4nda1337/CVE-2023-23752/blob/main/img/jomlaa.png)

- This is a proof-of-concept code for the CVE-2023-23752 vulnerability. It allows an attacker to extract sensitive information such as usernames, passwords, and database names from a target application.
- Bulk scanner + get config + ip target from CVE-2023-23752

## Screenshot
![ss](https://github.com/MrP4nda1337/CVE-2023-23752/blob/main/img/ss.jpg)

## Installations 
- clone this repository
- install the requirements

  ```
  git clone https://github.com/MrP4nda1337/CVE-2023-23752
  ```
  ```
  cd CVE-2023-23752
  ```
  ```
  pip3 install -r requirements.txt
  ```
  ```
  python3 run.py
  ```
  
Open Target Vuln
-----------------
cd CVE-2023-23752/data/result

Disclaimer
-----------------
This code is for educational purposes only and should not be used for illegal activities. The author is not responsible for any damage or harm caused by the use or misuse of this code.

File Snapshot

 [4.0K]  /data/pocs/63b2dfb9d6959bdd46b5f4499e475480cc85abf3
├── [4.0K]  data
│   ├── [2.0K]  banner.txt
│   ├── [4.0K]  result
│   │   └── [   0]  empty.txt
│   └── [678K]  user-agents.txt
├── [4.0K]  extra
│   ├── [   0]  __init__.py
│   ├── [ 872]  parser.py
│   └── [ 479]  requester.py
├── [  17]  gitignore
├── [4.0K]  img
│   ├── [   1]  images
│   ├── [ 70K]  jomlaa.png
│   └── [ 98K]  ss.jpg
├── [1017]  README.md
├── [ 104]  requirements.txt
├── [1.8K]  run.py
└── [ 72K]  target.txt

4 directories, 14 files

Remarks