Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Joomla! Database File List

By kannthu

Medium
Vidoc logoVidoc Module
#exposure#joomla#listing#database#edb
Description

What is the "Joomla! Database File List?"

The "Joomla! Database File List" module is designed to detect misconfigurations in Joomla! websites. It specifically targets the database directory "/libraries/joomla/database/" and checks if directory indexing is enabled. This module has a medium severity level.

Impact

If directory indexing is enabled in the "/libraries/joomla/database/" directory, it can expose sensitive information about the Joomla! website's database structure and potentially lead to unauthorized access or data leakage.

How the module works?

The "Joomla! Database File List" module sends a GET request to the "/libraries/joomla/database/" directory and checks for specific matching conditions. It looks for the presence of the phrases "Index of /libraries/joomla/database" and "Parent Directory" in the response body, indicating that directory indexing is enabled. Additionally, it verifies that the HTTP status code is 200.

By detecting these conditions, the module identifies if the Joomla! website's database directory is exposed and vulnerable to potential attacks. It provides valuable information for website administrators to take necessary actions and secure their Joomla! installations.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/libraries/joomla/da...
Matching conditions
word: Index of /libraries/joomla/database, Par...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability