08-31-2011, 10:09 PM
hmmmm.. salah satu tools yang dapat kita pergunakan dalam menguji sistem keamanan khusus web aplication heheheh .. tools ini dapat memeriksa beberapa jenis web attack seperti RFI, LFI dan SQL Injection.
ok nama toolsnya sudah ane taro di judul atas ... lanjut bro ..
pertama-tama download dulu ya toolsnya pada saat thread ini ditulis uniscan telah mencapai versi 4.1
nah klo udah extract waee
chmod biar bisa di esekusi
ya udah coba di esekusi .. klo keluar tampilan error itu karena dia membutuhkan beberapa resource lib
selow down bro ... ok kita lanjut ..
lihat usagenya bro terus di coba aja .... ane dah coba and its works
ok nama toolsnya sudah ane taro di judul atas ... lanjut bro ..
pertama-tama download dulu ya toolsnya pada saat thread ini ditulis uniscan telah mencapai versi 4.1
Code:
wget http://nchc.dl.sourceforge.net/project/uniscan/4.1/uniscan.tar
nah klo udah extract waee
Code:
tar xvwf uniscan.tar
chmod biar bisa di esekusi
Code:
root@zee-eichel{/pentest/zee}:cd uniscan-code/
./ CHANGES.txt Directory LFI RFI uniscan.conf
../ c.txt Files RCE Uniscan/ uniscan.pl*
root@zee-eichel{/pentest/zee/uniscan-code}:chmod +x uniscan.pl
ya udah coba di esekusi .. klo keluar tampilan error itu karena dia membutuhkan beberapa resource lib
Code:
apt-get install libmoose-perl
selow down bro ... ok kita lanjut ..
Code:
root@zee-eichel{/pentest/zee/uniscan-code}:perl uniscan.pl
###############################
# Uniscan project #
# http://www.uniscan.com.br/ #
###############################
V. 4.1
OPTIONS:
-h help
-u <url> example: https://www.example.com/
-f <file> list of url's
-b Uniscan go to background
-q Disable Directory checks
-w Disable File checks
-e Disable Backup file checks
-r Disable RFI checks by Crawler
-t Disable LFI checks by Crawler
-y Disable RCE checks by Crawler
-i Disable SQL checks by Crawler
-o Disable XSS checks by Crawler
-p Disable static RFI checks
-a Disable static LFI checks
-s Disable static RCE checks
-d Disable /robots.txt check
-g Disable PUT method check
-j Not show e-mails found by Crawler
Option -u or -f is required, all others no.
usage:
[1] perl uniscan.pl -u http://www.example.com/
[2] perl uniscan.pl -f /home/user/file.txt -b
[3] perl uniscan.pl -u https://www.example.com/
lihat usagenya bro terus di coba aja .... ane dah coba and its works
FOLLOW @DutaLinux
for more question and sharing about security and Opensource only
for more question and sharing about security and Opensource only