Joomla

Reverse shell

A reverse shell can be obtained after getting access to the Administrative panel of the joomla CMS. Much like its Wordpress counterpart, it consists of a modification of a site template by adding (or replacing) the existing php/html code with our php reverse shell.

As we can see, we have replaced the index.php of this site template with a php reverse shell (fourth tab). When we go back to the site root (third tab), it loads the index.php file, and our netcat listener (terminal) receives a connection.