Joomla! is a very popular CMS that is used for many different purposes, including e-commerce. Detecting user accounts with weak passwords is a common task for penetration testers, and Nmap helps with it through the NSE script http-joomla-brute.
This recipe shows how to perform brute force password auditing against Joomla! installations.
Open your terminal and enter the following command:
$ nmap -p80 --script http-joomla-brute <target>
All of the valid accounts that were found will be returned:
PORT   STATE SERVICE REASON
80/tcp open  http    syn-ack
| http-joomla-brute:
|   Accounts
|     king:kong => Login correct
|   Statistics
|_    Perfomed 799 guesses in 501 seconds, average tps: 0
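The Statistics line above implies roughly 1.6 login attempts per second against the Joomla! administrator login, which is what a defender should expect to see in the web server's access log while this audit runs. The following is an added example, not part of the original recipe and not Nmap's own code: a small detector that reads Apache combined-format log lines and flags any client that POSTs to the login page more than a threshold number of times inside a sliding time window. It assumes the login target is /administrator/index.php (the default URI http-joomla-brute uses) and that the server writes the combined log format; the log lines it checks are constructed inline, with 203.0.113.7 as the constructed auditing host and 198.51.100.4 as a constructed ordinary user.

```python
"""Flag Joomla! administrator login brute forcing in web-server access logs.

Added example (not from the original recipe or from Nmap). Assumptions: the web
server writes the Apache "combined" log format, and the login target is
/administrator/index.php, the default URI of http-joomla-brute. All log lines
below are constructed, not captured from a real server.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

# Apache combined log format; only the fields the detector needs are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

# Assumption: the script's default target; override if the site moved its admin path.
LOGIN_PATH = "/administrator/index.php"


def parse_line(line):
    """Return (ip, timestamp, method, path, status) or None for non-matching lines."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%d/%b/%Y:%H:%M:%S %z")
    return m.group("ip"), ts, m.group("method"), m.group("path"), int(m.group("status"))


def find_bruteforcers(lines, threshold=10, window_seconds=60):
    """Return {ip: peak_count} for clients whose login POSTs exceed `threshold`
    inside any `window_seconds` sliding window. peak_count is the largest
    number of POSTs seen in one window for that client."""
    recent = defaultdict(deque)  # ip -> timestamps of login POSTs still inside the window
    flagged = {}
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue  # unparseable line: skip rather than crash the detector
        ip, ts, method, path, _status = rec
        if method != "POST" or path.split("?")[0] != LOGIN_PATH:
            continue
        q = recent[ip]
        q.append(ts)
        # Evict timestamps that have fallen out of the window (q is non-empty here).
        while (ts - q[0]).total_seconds() > window_seconds:
            q.popleft()
        if len(q) > threshold:
            flagged[ip] = max(flagged.get(ip, 0), len(q))
    return flagged


def constructed_log():
    """Constructed sample: 203.0.113.7 fires login POSTs every 625 ms (about the
    1.6/s the recipe's Statistics line implies); 198.51.100.4 logs in once."""
    base = datetime(2024, 5, 1, 10, 0, 0, tzinfo=timezone.utc)

    def entry(ip, t, method, path, status):
        stamp = t.strftime("%d/%b/%Y:%H:%M:%S %z")
        return f'{ip} - - [{stamp}] "{method} {path} HTTP/1.1" {status} 512 "-" "Mozilla/5.0"'

    lines = [
        entry("198.51.100.4", base, "GET", "/administrator/", 200),
        entry("198.51.100.4", base + timedelta(seconds=5), "POST", LOGIN_PATH, 303),
    ]
    for i in range(20):
        lines.append(entry("203.0.113.7", base + timedelta(milliseconds=625 * i), "POST", LOGIN_PATH, 200))
    lines.append("garbage line that does not parse")
    return lines


if __name__ == "__main__":
    for ip, peak in find_bruteforcers(constructed_log()).items():
        print(f"{ip}: {peak} admin login POSTs within one 60 s window")
```

The threshold and window are deliberately conservative for a single-user admin login; tune them to the site's real login volume, and note that the detector only sees the traffic this recipe's default settings produce (rate-limited or proxied runs spread attempts out and need a longer window).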