
Joomscan, adalah tools buatan YEHG(YGN Etical Hacker Group) yang berbasis OWASP ( Open Web Application Security Project ) yang digunakan untuk melakukan penetration testing terhadap Content Management System (CMS) Joomla !
Ini akan membantu web developer dan webmaster untuk mengamankan situsnya dari tangan-tangan jail,
Download Joomla Vulnerability Scanner : http://sourceforge.net/projects/joomscan/
Bagi pengguna backtrack bisa di dapat di backtrack 5
Backtrack > Vulnerability Assessment > Web Assessment > CMS Vulnerability Identification > joomscan
Backtrack > Vulnerability Assessment > Web Assessment > CMS Vulnerability Identification > joomscan
Joomscan sebenarnya tidak hanya tersedia untuk backtrack, dia dapat di gunakan ke semua platform (Linux, Windows, MAC) dengan syarat sudah terinstal perl terlebih dahulu, lalu bagaimana cara menggunakan joomscan ?
adapun cara penggunaannya :
Usage: joomscan.pl -u <string> -x proxy:port -u <string> = joomla Url ==Optional== -x <string:int> = proXy to tunnel -c <string> = cookie (name=value;) -g "<string>" = desired useraGent string within " -nv = No Version fingerprinting check -nf = No Firewall detection check -nvf/-nfv = No version+firewall check -pe = Poking version only (and Exit the scanner) -ot = Output to Text file (target-joexploit.txt) -oh = Output to Html file (target-joexploit.htm) -vu = Verbose (output every Url scan) -sp = Show completed Percentage
Example: joomscan.pl -pv -u victim.com -x localhost:8080
Check: joomscan.pl check This option will check if the scanner update is available or not.
Update: joomscan.pl update This option will check and update the local database if newer version is available.
Download: joomscan.pl download - Download the scanner latest version as a single zip file - joomscan-latest.zip.
Defense: joomscan.pl defense This option will give you a defensive note.
About: joomscan.pl story This option will give you a short story about joomscan.
Read: joomscan.pl read DOCFILE DOCFILE - changelog,release_note,readme,credits,faq,owasp_projectyang mau download click here. tool ini berbasis bahasa perl..
atau lebih lengkapnya bisa di baca di :
https://www.owasp.org/index.php/OWASP_Joomla_Vulnerability_Scanner_Usage
keep share and smile ^_^
0 komentar:
Posting Komentar