Languages are useful for doing things. What type of things it's suitable for completely depends on the type of language, the frameworks available for it, what OSes have interpreters / compilers for it, etc.
Let's look at the ones you've mentioned:
Available on most *nix OSes since the '90s.
Great for quick hacks and short scripts.
Reflective (can see its own structure and code)
Good for dynamic frameworks
Designed for clear and readable source code
Huge framework of libraries
Cross-platform (available on every major browser)
So what makes these particularly good for pentesting? Well, most pentesting involves writing up quick throw-away tools to do a specific job for a specific test. Writing such a tool in C or C++ every time you want to do a quick job is cumbersome and time-consuming. Furthermore, they tend to produce platform-specific binaries or source that requires platform-specific compilation, rather than cross-platform scripts that just run. Scripting languages give you the flexibility to produce such tools quickly and easily.
Now, the other side of the coin is languages used as payloads. This is where the line gets blurred, because requirements are so varied. For attacking Windows boxes, any payload that has no dependencies outside of what the OS provides is useful. This might be C, C++, VBScript, x86 asm, C# / VB.NET (.NET 2.0 is on most machines these days), etc. For attacking Linux boxes you might use C, C++, bash scripts or Perl. Java is also common for cross-platform attacks.
At the end of the day, pick the language that you find best for the job!