Difference between revisions of "OWASP Joomla Vulnerability Scanner Usage"

From OWASP
Line 18: Line 18:
 
          
 
          
  
  Check:   joomscan.pl check
+
  Enumerate installed components:
          This option will check if the scanner update is available or not.
+
      perl joomscan.pl --url www.example.com --enumerate-components
 +
      or
 +
      perl joomscan.pl -u www.example.com --ec
  
  Update: joomscan.pl update
+
  Set cookie:
          This option will check and update the local database if newer
+
          perl joomscan.pl --url www.example.com --cookie "test=demo;"
          version is available.
 
  
  Download: joomscan.pl download
+
  Set user-agent:
          - Download the scanner latest version as a single zip file - joomscan-latest.zip.
+
    perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
 +
    or
 +
    perl joomscan.pl -u www.example.com -a "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
  
Defense: joomscan.pl defense
 
          This option will give you a defensive note.
 
  
  About:   joomscan.pl story
+
  Set random user-agent:
           This option will give you a short story about joomscan.
+
    perl joomscan.pl -u www.example.com --random-agent
 +
    or
 +
    perl joomscan.pl --url www.example.com -r
 +
 
 +
 
 +
Update Joomscan:
 +
           perl joomscan.pl --update
  
Read:  joomscan.pl read DOCFILE
 
          DOCFILE - changelog,release_note,readme,credits,faq,owasp_project
 
  
 
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]
 
[[Category:OWASP_Joomla_Vulnerability_Scanner_Project]]
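
Review bot: the added component-enumeration example spells the short option as `--ec` (`perl joomscan.pl -u www.example.com --ec`), while the usage table for this revision lists it as `-ec`. Pick one spelling and use it in both places so readers do not have to guess whether the two forms differ. The added command lines are also indented by different amounts (six spaces for the enumeration example, ten for the cookie example, four for the user-agent examples, eleven for the update example); a single indent width would make the examples render as uniform blocks. The revision also lists `--timeout <time-out>` without an example or a unit, so a short example line for it would round out the set.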

Revision as of 17:45, 8 March 2018

    Usage:  joomscan.pl [options]

    --url | -u <URL>                   |   The Joomla URL/domain to scan.
    --enumerate-components | -ec       |   Try to enumerate components.
    --cookie <String>                  |   Set cookie.
    --user-agent | -a <user-agent>     |   Use the specified User-Agent.
    --random-agent | -r                |   Use a random User-Agent.
    --timeout <time-out>               |   set timeout.
    --about                            |   About Author
    --update                           |   Update to the latest version.
    --help | -h                        |   This help screen.
    --version                          |   Output the current version and exit.


Do default checks:
    perl joomscan.pl -u www.example.com
    or
    perl joomscan.pl --url www.example.com

Enumerate installed components:
    perl joomscan.pl --url www.example.com --enumerate-components
    or
    perl joomscan.pl -u www.example.com --ec

Set cookie:
    perl joomscan.pl --url www.example.com --cookie "test=demo;"

Set user-agent:
    perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
    or
    perl joomscan.pl -u www.example.com -a "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"

Set random user-agent:
    perl joomscan.pl -u www.example.com --random-agent
    or
    perl joomscan.pl --url www.example.com -r

Update Joomscan:
    perl joomscan.pl --update