Posted on Leave a comment

Joomla webpages enumeration with Metasploit

Hello aspiring hackers. Previously we have seen how to perform Joomla version enumeration and Joomla plugin enumeration with Metasploit. Metasploit also has a module for Joomla webpages enumeration which can be useful in seeing pages of a Joomla website which can give further information about the website.

Start Metasploit and load the module as shown below.  Type command “show options” to see the options we need to set.

joomla_pages1

As other auxiliary options, it has RHOSTS option instead of RHOST option. We can set multiple IP addresses to scan for their pages with space in between as shown below. Set the targeturi.

joomla_v2

Type command “run” to execute the exploit. We will get the result as shown below.

joomla_pages3

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.