Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Joomla! Installer Exposure

By kannthu

High
Vidoc logoVidoc Module
#misconfig#joomla#install
Description

What is the "Joomla! Installer Exposure?"

The "Joomla! Installer Exposure" module is designed to detect a misconfiguration in the Joomla! web installer. Joomla! is a popular content management system (CMS) used for building websites and online applications. This module focuses on identifying vulnerabilities related to the installation process of Joomla!.

This module has a high severity level, indicating that it can potentially expose sensitive information or lead to unauthorized access if not addressed.

Author: DhiyaneshDk

Impact

If the Joomla! Installer Exposure module detects a misconfiguration, it means that the Joomla! web installer is not properly secured. This can allow attackers to gain unauthorized access to the installation process, potentially compromising the entire Joomla! website or application. It is crucial to address any vulnerabilities detected by this module to prevent unauthorized access and protect sensitive data.

How does the module work?

The Joomla! Installer Exposure module works by sending HTTP requests to specific paths on the target website. It then applies a set of matching conditions to determine if the Joomla! web installer is exposed and vulnerable to misconfiguration.

One example of an HTTP request used by this module is:

GET /installation/index.php

The module checks the response of this request against the following matching conditions:

- The response body must contain the words "Joomla! Web Installer" and "Configuration". - The response header must contain the word "text/html". - The HTTP status code must be 200 (OK).

If all of these conditions are met, the module identifies a potential misconfiguration in the Joomla! web installer.

It is important to regularly scan and address any vulnerabilities detected by this module to ensure the secure installation and operation of Joomla! websites and applications.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/installation/index....
Matching conditions
word: Joomla! Web Installer, Configurationand
word: text/htmland
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability