Intro - The main purpose of Joomscan is to detects file inclusion, sql injection, command execution vulnerabilities of a target Joomla! web site.Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites.
1. How to open
A. GUI Method
Application →Kali linux → Web Applications → Web Vulnerability Scanners → joomscan
(click image for large view)
B. open terminal and type joomscan
2. This command is used to scan a target for finding the vulenerabilities .
Syntax – joomscan –u target url
Ex – joomscan –u djmaza.in
3. As you can see the scan has been started and as result it is showing us – server information means which server using this website, Anti scanner and joomla firewall etc..
4. This is the 2nd image of our scan result ( sorry I can’t show you whole scan image due to large scanning). So, here you can see fingerprinting, and the most important part ‘Vulnerabilities’. At the end of #1 scan you will notice this is saying ‘Vulnerable ? Yes’ It means we got a weakness of target website.
5. Here you can see total number of vulnerabilities which found on scan and you can also notice the scan time.
(click image for large view)
No comments:
Post a Comment