Now that we know enough about Joomla, we can start with CMS pentesting (which we learned about in the previous chapter, Chapter 8, Pentesting a CMS – WordPress). The first step in pentesting the Joomla CMS is to find the version installed on the target server. The following are the ways that we can detect which version is installed:
- Detection via a meta tag
- Detection via server headers
- Detection via language configurations
- Detection via README.txt
- Detection via the manifest file
- Detection via unique keywords