Nmap Development mailing list archives
Re: [NSE] New script to detect Joomla! Header RCE [2015-8562]
From: Johanna Curiel <johannapcuriel () gmail com>
Date: Wed, 27 Jan 2016 10:43:18 -0400
Hi Gyanendra Thank you for this awesome work. After taking look of the script, I see many of the recognition work relies on the identifying response headers info and identifying the administrator path console of Jommla. In case this information is hidden or not provided as in the request header, it will not be able to recognise PHP? and if the path has also been blocked (lets say by a firewall) then in that case recognition of wont be possible at all? Regards Johanna On Tue, Jan 26, 2016 at 6:36 PM, Gyanendra Mishra <anomaly.the () gmail com> wrote:
Hi list, #260 on Github called for the development of a script that detects CVE 2015-8562. This script performs checks for the same and can be used to optionally exploit the target. I tested this on ubuntu 10.04.1 running php 5.4.7 and Joomla! 3.4.3. Find the script in the link below. https://svn.nmap.org/nmap-exp/gyani/scripts/http-vuln-cve2015-8562.nse Cheers, Gyani ᐧ _______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
_______________________________________________ Sent through the dev mailing list https://nmap.org/mailman/listinfo/dev Archived at http://seclists.org/nmap-dev/
Current thread:
- [NSE] New script to detect Joomla! Header RCE [2015-8562] Gyanendra Mishra (Jan 26)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Johanna Curiel (Jan 27)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Gyanendra Mishra (Jan 27)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Johanna Curiel (Feb 06)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Gyanendra Mishra (Feb 10)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Gyanendra Mishra (Jan 27)
- Re: [NSE] New script to detect Joomla! Header RCE [2015-8562] Johanna Curiel (Jan 27)