Joomla is one of the most popular CMS which is widely used for its flexibility, user-friendliness and extensibility. The downside of popularity in software world is that it becomes a target for hackers. We have just recently seen how to exploit some recent vulnerabilities in Joomla. It would be pretty helpful if the users or testers know the vulnerabilities in their Joomla CMS before any hacker takes advantage of them. Joomscan is one such tool which will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites.
Joomscan has features like
Exact version Probing
Common Joomla! based web application firewall detection
Searching known vulnerabilities of Joomla! and its components
Reporting to Text & HTML output
Immediate update capability via scanner or svn.
Joomscan is installed by default in Kali Linux. Now let’s see how to use this tool. Open a terminal and type command “joomscan update” first. We will update the tool first.
Once the tool is updated as shown above, type command “joomscan” to see the options as shown below.
Next, give the target joomla website as shown below. In this howto, I’m using my own Joomla website.
The result would seem like below. Below we see that our target doesn’t have any firewall, it’s server is apache and it is powered by PHP version 5.3.10. Unfortunately it didn’t detect the version. Hmm, no probs.
Next it will scan for vulnerabilities and check whether if this site is vulnerable for a particular vulnerability as shown below.
At the end, it will show us the number of vulnerabilities present in our target.
We can see that our target has 2 vulnerabilities as shown in the above image. We will see how to exploit those vulnerabilities in our future howtos. But for now we have successfully performed a vulnerability assessment of our target.