- 7 Tem 2013
- 8,207
- 4
- 687
In this topic, We detect vulnerabilities such as XSS, SQL, Upload on the target website using Uniscan. Let's get start,
How to Find Vulnerabilities Using Uniscan
First, we install our tool with this command:
Kod:
apt-get install uniscan
Then we type the following command to display the available parameters on the Uniscan.
Kod:
uniscan
As you can see the options section is showing how to use it. Let's scan the target website. I am typing "-u" parameter to specify the site address. But in this topic I used only the "-d" parameter for practical explanation. Scanning can be customized with other parameters. So, these are the parameters commonly used:
-u --> use this parameter to specify the target website
-d --> use this parameter to quick scan
-q --> list vulnerable files
-w --> list files on the website
-r --> scans the php information of the target website
-e --> use -e parameter to find robots.txt and sitemap.xml
-s --> use this parameter to preparing report after scanning
Kod:
uniscan -u website.com -d
The result will be shown in the fields above. We should enter this command to view the scan reports.
Kod:
cd /usr/share/uniscan/report
Then we can view the reports of the websites with this command:
Kod:
ls
When we look at any of the reports, it will be displayed in html format like this:
Thanks!
Source: https://www.turkhackteam.org/web-se...araci-ile-web-sitelerinde-zafiyet-tarama.html
Translator dRose98
Moderatör tarafında düzenlendi: