Download
1 / 8
80 likes | 189 Vues
The OWASP Joomla! Vulnerability Scanner Release 0.0.3 introduces significant improvements to enhance vulnerability detection. Key features include a defense bypass for web servers with 200 responses for 404 errors, addressing noisy reports and false positives. Additionally, the release includes updated vulnerability information, improved fingerprinting up to Joomla! version 1.5.14, and an anti-caching mechanism for updates. Users can now enjoy a more reliable scanning experience with enhanced HTML reporting and precise version detection.
E N D
OWASP Joomla! (CMS)Vulnerability ScannerRelease Flyer Aung Khant YGN Ethical Hacker Group,Myanmar http://yehg.net/ 07/17/2009
Current Release: 0.0.3 • Implemented 200 defense bypassThis is bypass web servers which respond with 200 for every 404, which is affectively killing the scanner, producing very noisy reports about false positives, rendering vulnerability detection useless. 200 defense can kill nearly most scanners today. • Added vulnerability information till 08-18-09 • Added fingerprinting signature till Joomla! 1.5.14 • Added anti-caching mechanism in update check • Added Graph facility in HTML reporting
Former Release: 0.0.2 Changed report location.~ will save report under report/ directory. Removed "Poke Version" -pv command optionVersion fingerprinting is run by default now till the future versions But you can skip it using -nv (No version check) option Improved fingerprinting engineTo find more exact version and to provide most approximate version range without making you calculate it anymore. Please see the sample output: 3
Former Release: 0.0.2 Fingerprint in 0.0.1 ~Generic version family ....... [1.5.x] ~1.5.x htaccess.txt revealed [1.5.4 - 1.5.11] ~1.5.x configuration.php-dist revealed [1.5.1 - 1.5.8]~1.5.x en-GB.xml revealed [1.5.2 - 1.5.6]~1.5.x en-GB.ini revealed [1.5.4 - 1.5.7] Fingerprint in 0.0.2~Generic version family ....... [1.5.x]~1.5.x htaccess.txt revealed [1.5.4 - 1.5.11]~1.5.x configuration.php-dist revealed [1.5.1 - 1.5.8]~1.5.x en-GB.xml revealed [1.5.2 - 1.5.6]~1.5.x en-GB.ini revealed [1.5.4 - 1.5.7]…skip…* Deduced version range is : [1.5.5 - 1.5.6] 4
Former Release: 0.0.2 Updated fingerprinting signature up to current Joomla! version 1.5.12 Updated vulnerability information up to July 12, 2009 Made vulnerability information neat by labelling as Generic, Core, Component, Plugin. Fixed parsing bug in listing components 5
Former Release: 0.0.2 Added components detectability in re-routed URL (/component/option,com_xxxx) Made finer report format: HTML Added Joomla! related firewall/defense detection 6
Former Release: 0.0.1 New and Improved Fingerprinting Engine ( which can almost detect exact version of Joomla 1.0.x and Joomla 1.5.x) Updated database till 1.5.9 In database, removed substring(@@version,1,1) and employed simple blind detection approach 1=1, 1=2 to bypass IDS which prevents MySQL-sensitive words from request 7
OWASP Joomla! Vulnerability Scanner • Project URLhttp://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project • Mailing Listhttps://lists.owasp.org/mailman/listinfo/owasp-joomla-vulnerability-scanner • Download URLshttp://yehg.net/lab/pr0js/files.php/joomscan-latest.ziphttp://sf.net/projects/joomscan
