Thứ Tư, 2 tháng 1, 2013

Joomscan On Backtrack 5R1


JoomScan 

..:: Is a Vulnerability Scanning Tool ::..


Introduction 
Joomscan is the CMS Vulnerability Identification Tool .
This tool is created by YGN Ethical Hacker Group from Myanmar(Burma).
Joomscan is used to find the vulnerability in the websites . 
Joomscan helps the developer to find the weaknesses in the websites .
Joomscan is a signature based scanner which can detect the XSS/CSRF, sql injection etc on the target website .
How to open Joomscan on Backtrack 5 

Follow : Backtrack > Vulnerability Assessment > Web Assessment > CMS Vulnerability Identification Tool > joomscan 

How to Use joomscan 
When you open joomscan , it will look like this image (shown below)


The above image shows the syntax and the options  
Some more options like check ,update, about and read (shown above)


In the above image ,we are giving the command : ./joomscan -u < target url >


Example : ./joomscan.pl -u  www.plusline.org     as shown in the image above .
Here ./joomscan.pl : used to start the joomscan -u : used for url


Here it shows the Server name , checking for Anti-Scanner measure 



In this image ,it shows fingerprinting and the XSS/CSRF Vulnerability 

  • At last ,it shows the report how many vulnerable points in the website . 
  •  This is how we  can use this tool . 



Không có nhận xét nào:

Đăng nhận xét