Home 0P3N Blog HOW TO SUCCESSFULLY USE JOOMLA 1.5 < 3.4.5 RCE EXPLOIT ???
Ready to Start Your Career?
Create Free Account
authors profile image
January 1, 2016

HOW TO SUCCESSFULLY USE JOOMLA 1.5 < 3.4.5 RCE EXPLOIT ???

January 1, 2016
authors profile image
January 1, 2016
HELLO. I want to know how to use the following feat: Joomla 1.5 ```**Traceback (most recent call last): File "joomla\_rce\_CVE-2015-8562.py", line 44, in print get\_url("https://localhost", pl) File "joomla\_rce\_CVE-2015-8562.py", line 14, in get\_url cookies = requests.get(url,headers=headers).cookies File "/usr/lib/python2.7/dist-packages/requests/api.py", line 69, in get return request('get', url, params=params, \*\*kwargs) File "/usr/lib/python2.7/dist-packages/requests/api.py", line 50, in request response = session.request(method=method, url=url, \*\*kwargs) File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 465, in request resp = self.send(prep, \*\*send\_kwargs) File "/usr/lib/python2.7/dist-packages/requests/sessions.py", line 573, in send r = adapter.send(request, \*\*kwargs) File "/usr/lib/python2.7/dist-packages/requests/adapters.py", line 415, in send raise ConnectionError(err, request=request) requests.exceptions.ConnectionError: ('Connection aborted.', BadStatusLine("''",))**``` **How to successfully execute the exploit JOOMLA RCE (https://www.exploit-db.com/exploits/38977/) ??? Help me to solve this problem and to normally use this Exploit.**Thank you in advance. try replace localhost with 127.0.0.1? Yes of course, I tried to change the IP address and the path where is hosted JOOMLA. BUT it still does not work. I was able to execute it and got a , but when I check if the payload was delivered there was none, so am I right to assume that the the version of Joomla is properly patched? Tx DeadSet Dear @deadset check the Version of your Joomla Target by adding the URL of your target this: **/language/en-GB/en-GB.xml**. Example: **http://target.com/language/en-GB/en-GB.xml**. IMPORTANT: Especially give us back (to say) the version of your Joomla Target knowing whether the exploit works well or if it does not work because the site has been patched. I wait for your reply @deadset. Hi @apocalypse0 I checked the version with using **/administrator/manifests/files/joomla.xml** it is stated **2.5.16**. However, when using **/language/en-GB/en-GB.xml** it states **2.5.10** hi
Schedule Demo

Build your Cybersecurity or IT Career

Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry