Testing Joomla for CVE-2015-8562

Over the last couple of days I've been responding to question about Joomla's 0-day which has been gaining some attention lately. I decided to write a PowerShell script to check a Joomla server if it is running the at least 3.4.6 or 3.4.7. Hope you enjoy it and let me know your thoughts.

###############################################################################################
#
# Script: CheckJoomla.ps1
# By: Tim Muniz
# Date: 20151222
#
###############################################################################################
<#

.SYNOPSIS

This script checks Joomla Version to check if the remote host is vulnerable to CVE-2015-8562.



.DESCRIPTION

This script checks Joomla Version to check if the remote host is vulnerable to CVE-2015-8562.


.PARAMETER target

a host running Joomla to test.



.PARAMETER Https

To test a host running SSL/TLS. 

This is an optional parameter.



.EXAMPLE

Check remote Joomla Host and report if vulnerable.

CheckJoomla.ps1 myjoomla.com 



.EXAMPLE 

Check remote Joomla Host running SSL/TLS and report if vulnerable.

CheckJoomla.ps1 myjoomla.com -Https



.NOTES

Please let me know what you think or if it isn't working. Also, it relies on access to /language/en-GB/en-GB.xml

#>
[CmdletBinding()]
Param(
  
  
    [Parameter(Mandatory=$True,Position=1)]
    [string] $target,
    
    [Switch]$Https = $false    

)
    
if ($Https){
    write-host "Checking host: $target"
    $site = Invoke-WebRequest -Uri https://$target/joomla/language/en-GB/en-GB.xml -UseBasicParsing
$xml = [xml]$site.Content
$version = $xml.metafile.version[1]
    if($version -notlike "3.4.[6-7]"){
        write-host "Your Instance of Joomla is VULNERABLE!"
        write-host "Please Upgrade to 3.4.6."
        write-host "Joomla host is running version " $version
    }
    else { 
        write-host "You are running the updated version of Joomla"
        write-host "Joomla host is running version " $version
    }
}
else {
    write-host "Checking host: $target"
    $site = Invoke-WebRequest -UseBasicParsing -Uri http://$target/joomla/language/en-GB/en-GB.xml
$xml = [xml]$site.Content
$version = $xml.metafile.version[1]
    if($version -notlike "3.4.[6-7]"){
        write-host "Your Instance of Joomla is VULNERABLE!"
        write-host "Please Upgrade to 3.4.6."
        write-host "Joomla host is running version " $version
    }
    else { 
        write-host "You are running the updated version of Joomla"
        write-host "Joomla host is running version " $version
    }
}

Comments

Post a Comment

Popular posts from this blog

And now for something completely different...

Over the course of my INFOSEC career I've worked in many different positions. IDS, network analysis, pentester, mobile application testing and a few others but one area has always stoked my interest. Vulnerability development is an area I wish I knew more about along with having a better grasp of reversing software. So over the next few months I've decided to try and fuel that interest by jumping into the world of fuzzing. I have chosen to start messing around with american fuzzy lop (AFL)  and see if I can find my first CVE. So here goes nothing.
Read more

Been awhile hasn't it.

It's been over a year since the last time I posted anything so I'll give a quick update. The whole AFL thing didn't pan out as much as I'd like as I never really made time for it. I did add another child into the world so I got that going for me. As for work, I'm still at Cisco Talos doing the Detection Response Team (DRT) stuff, basically creating rules for Snort and sigs for ClamAV. That's going ok, gets a little mundane at times as I'm a researcher by trade and love looking into different things, especially mobile stuff, but overall I feel it's going well. At least no one has told me otherwise. That's pretty much it for me over the last year so lets start on some new exciting info. I recently went to TROOPERS  for TROOPERS19 and it was awesome. For those that don't know, it is a computer security conference in Heidelberg, Germany that takes place in March time frame. The city of Heidelberg was beautiful and the content of the conference was
Read more

Well I guess it's time to start this back up.

Image
 The last couple of years I've spent doing a job that was out of my usually wheel house. I went to a learning and content development team within Cisco where I served as a SME for a lot of Cisco Secure Products. This position was not as technical as I'd like and ultimately led to my demise at Cisco. My position was terminated in July and I've spent the last few months looking within Cisco and outside for a new position. From what I can tell, most places have turned me down, which I can only assume, due to my none technical position the last two years. This is very annoying as I still have most of my technical information in my head and still know how to do things. But I guess it only matters what you have done recently. I'm hopeful to find something but in the mean time I'm going to start blogging about new things I'm trying to learn to further develop my security skillset. 
Read more