Introduction
Joomscan is a Joomla vulnerability scanner. It detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla web site.
In this tutorial I’ll show you the usage and how to find vulnerabilities by joomscan.
Procedure
How to open it:-
- Goto Backtrack >> Vulnerability Assessment >> Web Application Assessment >> CMS Vulnerability Identification >> joomscan, or you can open it through terminal also cd /pentest/web/joomscan.
How to use it:-
- To scan a targeted web site, use this command perl ./joomscan.pl -u <url>
- To scan a targeted web site using proxy, use this command
- perl ./joomscan.pl -u <url> -x ip:port
Thats it. There are few more options available for this tool. Just use this command to see all available options perl ./joomscan.pl .
0 comments :
Post a Comment