Hello aspiring hackers. Previously we have seen how to perform Joomla version enumeration and Joomla plugin enumeration with Metasploit. Metasploit also has a module for Joomla webpages enumeration which can be useful in seeing pages of a Joomla website which can give further information about the website.
Start Metasploit and load the module as shown below. Type command “show options” to see the options we need to set.
As other auxiliary options, it has RHOSTS option instead of RHOST option. We can set multiple IP addresses to scan for their pages with space in between as shown below. Set the targeturi.
Type command “run” to execute the exploit. We will get the result as shown below.