Difference between revisions of "OWASP Joomla Vulnerability Scanner Usage"

From OWASP
Line 5: Line 5:
 
         -x <string:int>  = proXy to tunnel
 
         -x <string:int>  = proXy to tunnel
 
         -c <string>      = cookie (name=value;)
 
         -c <string>      = cookie (name=value;)
         -pv             = Poke the Version
+
         -g "<string>"  = desired useraGent string within "
 +
        -nv             = No Version fingerprinting check
 +
        -nf              = No Firewall detection check
 +
        -nvf/-nfv        = No version+firewall check
 
         -pe              = Poking version only
 
         -pe              = Poking version only
 
                             (and Exit the scanner)
 
                             (and Exit the scanner)
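Review bot: the `-pv = Poke the Version` line appears only once in this hunk, on the old side, so the option drops out of the list, yet the Example further down the page still runs `joomscan.pl -pv -u victim.com -x localhost:8080`. Either keep `-pv` documented or change the example so it uses only options that remain in the list. The new `-g` description also ends in a dangling `"`; wording such as "user-agent string, enclosed in double quotes" would read more clearly.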
Line 22: Line 25:
 
           This option will check and update the local database if newer
 
           This option will check and update the local database if newer
 
           version is available.
 
           version is available.
 +
 +
Download: joomscan.pl download
 +
          - Download the scanner latest version as a single zip file - joomscan-latest.zip.
  
 
  Defense: joomscan.pl defense
 
  Defense: joomscan.pl defense
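Review bot: the new Download entry says only that the latest version is fetched as joomscan-latest.zip; it does not say where the file comes from, where it is written, or how a user can verify it before running it. Please add the download source and, if the project publishes one, a checksum or signature to compare against. The description is also written as a `- ` bullet with a different indent from the Check, Update and Defense descriptions around it.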
Line 29: Line 35:
 
           This option will give you a short story about joomscan.
 
           This option will give you a short story about joomscan.
  
 +
Read:  joomscan.pl read DOCFILE
 +
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project
  
 
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]
 
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]
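Review bot: the DOCFILE line under the new Read entry lists the accepted names as a bare comma run (`changelog,release_note,...`) without saying how one is chosen or passed. Wording such as "DOCFILE is one of: changelog, release_note, readme, credits, faq, owasp_project", plus a one-line sample invocation, would make the argument unambiguous.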

Revision as of 23:03, 20 August 2009

Usage:  joomscan.pl -u <string> -x proxy:port
        -u <string>      = joomla Url
        
        ==Optional==
        -x <string:int>  = proXy to tunnel
        -c <string>      = cookie (name=value;)
        -g "<string>"    = desired useraGent string, enclosed in double quotes
        -nv              = No Version fingerprinting check
        -nf              = No Firewall detection check
        -nvf/-nfv        = No version+firewall check
        -pe              = Poking version only
                           (and Exit the scanner)
        -ot              = Output to Text file (target-joexploit.txt)
        -oh              = Output to Html file (target-joexploit.htm)
        -vu              = Verbose (output every Url scan)
        -sp              = Show completed Percentage
Example:
         joomscan.pl -pv -u victim.com -x localhost:8080          
Check:   joomscan.pl check
         This option will check if the scanner update is available or not.
Update:  joomscan.pl update
         This option will check and update the local database if newer
         version is available.
Download: joomscan.pl download
          Download the latest version of the scanner as a single zip file (joomscan-latest.zip).
Defense: joomscan.pl defense
         This option will give you a defensive note.
About:   joomscan.pl story
         This option will give you a short story about joomscan.
Read:   joomscan.pl read DOCFILE
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project