Saturday, May 11, 2013

HOWTO : Joomscan on Ubuntu Desktop 12.04 LTS

Joomscan is OWASP Joomla Vulnerability Scanner.

Joomla! is probably the most widely-used CMS out there due to its flexibility, user-friendlinesss, extensibility to name a few. So, watching its vulnerabilities and adding such vulnerabilities as KB to Joomla scanner takes ongoing activity.It will help web developers and web masters to help identify possible security weaknesses on their deployed Joomla! sites.

However, it is not up-to-date. The latest version of vulnerability database is on October 22, 2012 (at the time of this writing).

Step 1 :

sudo apt-get install libwww-perl libwww-mechanize-perl

Joomscan is written in Perl. Download it.

sudo -sH
cd /opt
wget "http://downloads.sourceforge.net/project/joomscan/joomscan/2012-03-10/joomscan-latest.zip?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fjoomscan%2F%3Fsource%3Ddlp&ts=1368806935&use_mirror=ncu" -O joomscan-latest.zip


Step 2 :

Once downloaded, you need to extract the content.

sudo -sH
cd /opt
mkdir joomscan

cp joomscan-latest.zip /opt/joomscan/
rm joomscan-latest.zip

cd /opt/joomscan

unzip joomscan-latest.zip


Step 3 :

To run it.

sudo -sH
cd /opt/joomscan

perl joomscan.pl -u http://www.samiux.com


Step 4 :

To update it.

sudo -sH
cd /opt/joomscan

perl joomscan.pl update


That's all! See you.