TryHackMe || Joomify Walkthrough

Nihir Zala
2 min read · Aug 9, 2024


Overview: Joomla is a free and open-source content management system (CMS) widely used to build blogging websites. At the time of writing, the platform ranks 5th, ahead of other major platforms such as Bitrix and Drupal. In February 2023, a vulnerability was identified in the platform that allowed unauthenticated users to fetch information from various web endpoints without prior authentication. The vulnerability was discovered by Zewei Zhang from NSFOCUS TIANJI Lab, was rated Medium severity, and was assigned CVE-2023-23752.

Task 1:

1) I can successfully connect with the machine.

Ans: No answer is needed

Task 2:

2) What folder name contains the index.php code responsible for handling the API-based calls?

Ans: api

3) What folder name contains all the admin-related files and code in Joomla?

Ans: administrator

4) What GET request variable name can the attacker manipulate to trigger CVE 2023–23572?

Ans: public

Task 3:

5) What is the admin user's email address for the vulnerable Joomla application?

Ans: root@root.thm

6) What is the password for the database user root?

Ans: root@123

7) What is the HTTP response code if an API endpoint is accessed without setting the public variable to true?

Ans: 401

8) What is the website address for contact ID 1 of the vulnerable Joomla application?

Ans: https://zuck.thm

Task 4:

9) In the Monitoring tab of the Alerting section, what is the name of the alert that detects a Joomla exploit attempt?

Ans: Joomla Exploit Alert
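The room's alert fires on the same two facts the earlier tasks establish: requests are routed through the api folder's index.php, and the unauthenticated data leak only happens when the public variable is set to true. The following is an added example (not code from the room, from Joomla, or from this write-up) that applies that logic to constructed access-log lines; the endpoint names, IPs and timestamps are made up.

```python
# Added example: flag CVE-2023-23752-style probing in combined-format web access logs.
# Everything below (log lines, IPs, endpoint names) is constructed for illustration.
import re
from urllib.parse import urlsplit, parse_qs

SAMPLE_LOG = """\
10.0.0.5 - - [09/Aug/2024:10:01:02 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
10.0.0.9 - - [09/Aug/2024:10:01:05 +0000] "GET /api/index.php/v1/example-endpoint HTTP/1.1" 401 85 "-" "curl/8.0"
10.0.0.9 - - [09/Aug/2024:10:01:06 +0000] "GET /api/index.php/v1/example-endpoint?public=true HTTP/1.1" 200 1300 "-" "curl/8.0"
10.0.0.9 - - [09/Aug/2024:10:01:07 +0000] "GET /api/index.php/v1/other-endpoint?public=true HTTP/1.1" 200 900 "-" "curl/8.0"
10.0.0.7 - - [09/Aug/2024:10:02:00 +0000] "GET /administrator/index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Apache/Nginx "combined" format: ip ident user [time] "method target proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

def parse_line(line):
    """Parse one log line into a dict with path, parsed query string and integer status."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    parts = urlsplit(rec["target"])
    rec["path"] = parts.path
    rec["query"] = parse_qs(parts.query)
    rec["status"] = int(rec["status"])
    return rec

def is_joomla_api_probe(rec):
    """True when the request hits the api folder's index.php with public=true set,
    which is the condition the room identifies as the trigger for the leak."""
    if rec is None or not rec["path"].startswith("/api/index.php"):
        return False
    return "true" in [v.lower() for v in rec["query"].get("public", [])]

def scan(log_text):
    """Per source IP: how many probes were seen and how many returned 200 (data served)."""
    report = {}
    for line in log_text.splitlines():
        rec = parse_line(line)
        if is_joomla_api_probe(rec):
            entry = report.setdefault(rec["ip"], {"probes": 0, "successful": 0})
            entry["probes"] += 1
            if rec["status"] == 200:
                entry["successful"] += 1
    return report

if __name__ == "__main__":
    for ip, info in scan(SAMPLE_LOG).items():
        print(f"ALERT Joomla API probe from {ip}: {info['probes']} requests, {info['successful']} returned 200")
```

A probe that receives 401 (the no-public-variable case from Task 3) is counted only once public=true appears, so the report separates reconnaissance that was blocked from requests that actually returned data.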

Task 5:

10) I have completed the room.

Ans: No answer is needed

Thank you for your time and attention.


Nihir Zala

Hi there, I'm Nihir Zala—a Laravel developer from Gujarat, India, with over 2.5 years of professional experience. I am also learning pentesting on THM and HTB.