OWASP Joomla Vulnerability Scanner Usage
Revision as of 23:03, 20 August 2009 by D0ubl3 h3lix
Usage: joomscan.pl -u <string> -x proxy:port -u <string> = joomla Url ==Optional== -x <string:int> = proXy to tunnel -c <string> = cookie (name=value;) -g "<string>" = desired useraGent string within " -nv = No Version fingerprinting check -nf = No Firewall detection check -nvf/-nfv = No version+firewall check -pe = Poking version only (and Exit the scanner) -ot = Output to Text file (target-joexploit.txt) -oh = Output to Html file (target-joexploit.htm) -vu = Verbose (output every Url scan) -sp = Show completed Percentage
Example: joomscan.pl -pv -u victim.com -x localhost:8080
Check: joomscan.pl check This option will check if the scanner update is available or not.
Update: joomscan.pl update This option will check and update the local database if newer version is available.
Download: joomscan.pl download - Download the scanner latest version as a single zip file - joomscan-latest.zip.
Defense: joomscan.pl defense This option will give you a defensive note.
About: joomscan.pl story This option will give you a short story about joomscan.
Read: joomscan.pl read DOCFILE DOCFILE - changelog,release_note,readme,credits,faq,owasp_project