Showw

Ja estou salvando.

Otima Contribuição.

Para Fazer esse comando o scan precisa estar salvo dentro da pasta bin.

Voce pode salvar o scan no desktop e dar os seguinte comandos Iniciar>executar>cmd>cd desktop>perl joomscan.pl e pronto , é só o caminho que mudou ! rsrs
flw

Obrigado. Muito util

Nao consigo, alguem me ajude:

- executo o cmd
- cd ambiente de trabalho
- perl joomscan.pl -> resposta: "perl" não é reconhecido como um comando externo ou interno........


O que fiz de errado?

vc tem o active perl instalado? se nao tiver instale

Agora ja aceita, mas quando meto "perl joomscan.pl", diz:
Can't Open perl script joomscan.pl: no such file or directory

bom post mam

Preciso de ajuda.
Algum comando que executei mal.
Tenho de por algum ficheiro no desktop para poder fazer o comando?

Ja consegui.

Disse-me que um site era vulneravel no primeiro ponto, agora como sei como explorar essa vulnerabilidade?

Can't open perl script "joomscan.pl": No such file or directory
oq faço agora ?

é possivel explorar algo?
Server: Apache/2.0.59 (Unix) DAV/2
X-Powered-By: PHP/5.1.5


## NOTE: The Administrator URL was renamed. Bruteforce it. ##
## None of /administrator, /admin, /manage ##


## Checking if the target has deployed an Anti-Scanner measure

[!] Scanning Passed ..... OK


## Detecting Joomla! based Firewall ...

[!] .htaccess shipped with Joomla! is being deployed for SEO purpose
[!] It contains some defensive mod_rewrite rules
[!] Payloads that contain strings (mosConfig,base64_encode,<script>
GLOBALS,_REQUEST) wil be responsed with 403.


## Fingerprinting in progress ...

~Generic version family ....... [1.5.x]


* Deduced version range is : [1.5.? - 1.5.?]

## Fingerprinting done.


## 7 Components Found in front page ##

com_ninjarsssyndicator com_content
com_dtregister com_jevents com_docman
com_weblinks com_comprofiler




Vulnerabilities Discovered
==========================

# 1
Info -> Core: Multiple XSS/CSRF Vulnerability
Versions Affected: 1.5.9 <=
Check: /?1.5.9-x
Exploit: A series of XSS and CSRF faults exist in the administrator application.
Affected administrator components include com_admin, com_media, com_search. B
oth com_admin and com_search contain XSS vulnerabilities, and com_media contains
2 CSRF vulnerabilities.
Vulnerable? N/A

# 2
Info -> Core: JSession SSL Session Disclosure Vulnerability
Versions effected: Joomla! 1.5.8 <=
Check: /?1.5.8-x
Exploit: When running a site under SSL (the entire site is forced to be under ss
l), Joomla! does not set the SSL flag on the cookie. This can allow someone mon
itoring the network to find the cookie related to the session.
Vulnerable? N/A

# 3
Info -> Core: Frontend XSS Vulnerability
Versions effected: 1.5.10 <=
Check: /?1.5.10-x
Exploit: Some values were output from the database without being properly escape
d. Most strings in question were sourced from the administrator panel. Maliciou
s normal admin can leverage it to gain access to super admin.
Vulnerable? N/A

# 4
Info -> Core: Frontend XSS - HTTP_REFERER not properly filtered Vulnerability
Versions effected: 1.5.11 <=
Check: /?1.5.11-x-http_ref
Exploit: An attacker can inject JavaScript or DHTML code that will be executed i
n the context of targeted user browser, allowing the attacker to steal cookies.
HTTP_REFERER variable is not properly parsed.
Vulnerable? N/A

# 5
Info -> Core: Frontend XSS - PHP_SELF not properly filtered Vulnerability
Versions effected: 1.5.11 <=
Check: /?1.5.11-x-php-s3lf
Exploit: An attacker can inject JavaScript code in a URL that will be executed i
n the context of targeted user browser.
Vulnerable? N/A

# 6
Info -> Core: Path Disclosure Vulnerability
Versions effected: Joomla! 1.5.3 <=
Check: /?1.5.3-path-disclose
Exploit: Crafted URL can disclose absolute path
Vulnerable? N/A

# 7
Info -> Core: User redirected Spamming Vulnerability
Versions effected: Joomla! 1.5.3 <=
Check: /?1.5.3-spam
Exploit: User redirect spam
Vulnerable? N/A

Terminating on signal SIGINT(2)

Olá,

Poderiam me ajudar?

Instalei o Active Perl, enviei os arquivos do Joomscan para a pasta C:/Perl/bin, abri a janela de comandos (cmd), fui até a pasta onde está o arquivo "joomscam.pl" (C:/Perl/bin) e dei o comando "perl joomscan.pl"...mas dá esta mensagem:

Can't locate Switch.pm in @INC <@INC contains: C:/Perl/site/lib C:/Perl/lib .> at joomscan.pl line 22.
BEGIN failed--compilation aborted at joomscan.pl line 22.

O que estou fazendo de errado ou o que preciso configurar?

Obrigado.

PS.: Windows 7.

Abs