OWASP JoomScan 0.0.1 - Reburn
rezasp committed Mar 2, 2018
1 parent 6a8b4b5 commit ea807b6
Showing 52 changed files with 3,083 additions and 4,044 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
@@ -0,0 +1,3 @@
OWASP JoomScan 0.0.1 [Reborn]
============
* Initial release
2 changes: 1 addition & 1 deletion LICENSE → LICENSE.md
@@ -652,7 +652,7 @@ Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:

{project} Copyright (C) {year} {fullname}
OWASP Joomscan Copyright (C) 2018
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
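Review bot: The replacement notice line `OWASP Joomscan Copyright (C) 2018` drops the `{fullname}` field without naming a copyright holder, so the notice gives a program and a year but no owner. Add the holder after the year. This paragraph also belongs to the licence's own guidance on how to apply the terms, so the filled-in notice fits better in the program's start-up banner or README than in an edited copy of the licence text.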
98 changes: 88 additions & 10 deletions README.md
@@ -1,25 +1,103 @@
![Version 0.0.4](https://img.shields.io/badge/Version-0.0.4-green.svg)
![Version 0.0.1](https://img.shields.io/badge/Version-0.0.1-green.svg)
![perl](https://img.shields.io/badge/Perl-5.x-yellow.svg)
[![GPLv3 License](https://img.shields.io/badge/License-GPLv3-red.svg)](https://github.com/rezasp/joomscan/blob/master/LICENSE)
[![Twitter](https://img.shields.io/badge/Twitter-@OWASP_JoomScan-blue.svg)](http://www.twitter.com/OWASP_JoomScan)
[![GPLv3 License](https://img.shields.io/badge/License-GPLv3-red.svg)](https://github.com/rezasp/joomscan/blob/master/LICENSE.md)
[![Twitter](https://img.shields.io/badge/Twitter-@OWASP_JoomScan-blue.svg)](http://twitter.com/OWASP_JoomScan)
[![Leader](https://img.shields.io/badge/Twitter-@rezesp-blue.svg)](http://www.twitter.com/rezesp)
[![Leader](https://img.shields.io/badge/Twitter-@Ali_Razmjo0-blue.svg)](http://www.twitter.com/Ali_Razmjo0)


WE ARE WORKING ON NEW RELEASE OF THIS PROJECT. NEW STRUCTURE WILL BE REPLACED SOON !
<img src="https://raw.githubusercontent.com/rezasp/Trash/master/joomscan.png" width="200"><img src="https://raw.githubusercontent.com/rezasp/Trash/master/owasp.png" width="500">

======

OWASP JoomScan Project
======

OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analyses them .
OWASP JoomScan (short for [Joom]la Vulnerability [Scan]ner) is an opensource project in perl programming language to detect Joomla CMS vulnerabilities and analysis them.

### Why OWASP JoomScan ?
### WHY OWASP JOOMSCAN ?

If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever!
If you want to do a penetration test on a Joomla CMS, OWASP JoomScan is Your best shot ever!
This Project is being faster than ever and updated with the latest Joomla vulnerabilities.


# INSTALL

git clone https://github.com/rezasp/joomscan.git
cd joomscan
perl joomscan.pl


# JOOMSCAN ARGUMENTS

Usage: joomscan.pl [options]

--url | -u <URL> | The Joomla URL/domain to scan.
--enumerate-components | -ec | Try to enumerate components.

--cookie <String> | Set cookie.
--user-agent | -a <user-agent> | Use the specified User-Agent.
--random-agent | -r | Use a random User-Agent.
--timeout <time-out> | set timeout.
--about | About Author
--update | Update to the latest version.
--help | -h | This help screen.
--version | Output the current version and exit.


# OWASP JOOMSCAN EXAMPLES

Do default checks...
```perl joomscan.pl --url www.example.com```
or
```perl joomscan.pl -u www.example.com```


Enumerate installed components...
```perl joomscan.pl --url www.example.com --enumerate-components```
or
```perl joomscan.pl -u www.example.com --ec```


Set cookie
```perl joomscan.pl --url www.example.com --cookie "test=demo;"```


Set user-agent
```perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"```
or
```perl joomscan.pl -u www.example.com -a "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"```


Set random user-agent
```perl joomscan.pl -u www.example.com --random-agent```
or
```perl joomscan.pl --url www.example.com -r```


Update Joomscan...
```perl joomscan.pl --update```


# OWASP PAGE

[https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project](https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project)

# GIT REPOSITORY

[https://github.com/rezasp/joomscan](https://github.com/rezasp/joomscan)

# ISSUES

[https://github.com/rezasp/joomscan/issues](https://github.com/rezasp/joomscan/joomscan)

# PROJECT LEADERS

* Mohammad Reza Espargham [ reza[dot]espargham[at]owasp[dot]org ]
* Ali Razmjoo [ ali[dot]razmjoo[at]owasp[dot]org ]


* Project Leader : [Mohammad Reza Espargham] (reza[dot]espargham[at]owasp[dot]org)
* Github : https://github.com/rezasp/joomscan/
* OWASP Page : https://www.owasp.org/index.php/Category:OWASP_Joomla_Vulnerability_Scanner_Project
<br><br>
OWASP JoomScan 0.0.1 introduction (Youtube)

[![OWASP JoomScan 0.0.1 introduction](https://img.youtube.com/vi/Ik2CJ9LkuoI/0.jpg)](https://www.youtube.com/watch?v=Ik2CJ9LkuoI)
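Review bot: In the ISSUES section the link text is https://github.com/rezasp/joomscan/issues but the link target is https://github.com/rezasp/joomscan/joomscan, so the link does not lead to the issue tracker; make the target match the text. The component enumeration example uses `--ec` while the arguments table lists `-ec`; pick one spelling and use it in both places. The INSTALL steps go straight to `perl joomscan.pl` without listing the Perl modules the scripts load, which is worth a line for first-time users.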
28 changes: 28 additions & 0 deletions core/compare.pl
@@ -0,0 +1,28 @@
sub max {
my $x = shift;
my $y = shift;
return ( $x > $y ? $x : $y );
}

sub version_compare {
my $ver1 = shift || 0;
my $ver2 = shift || 0;
my @v1 = split /[.+:~-]/, $ver1;
my @v2 = split /[.+:~-]/, $ver2;

for ( my $i = 0 ; $i < max( scalar(@v1), scalar(@v2) ) ; $i++ ) {

# Add missing version parts if one string is shorter than the other
# i.e. 0 should be lt 0.2.1 and not equal, so we append .0
# -> 0.0.0 <=> 0.2.1 -> -1
push( @v1, 0 ) unless defined( $v1[$i] );
push( @v2, 0 ) unless defined( $v2[$i] );
if ( int( $v1[$i] ) > int( $v2[$i] ) ) {
return 1;
}
elsif ( int( $v1[$i] ) < int( $v2[$i] ) ) {
return -1;
}
}
return 0;
}
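Review bot: In version_compare, `int( $v1[$i] )` and `int( $v2[$i] )` turn any non-numeric part into 0, so after the split on `[.+:~-]` a string such as 3.8.0-rc1 compares equal to 3.8.0, and a part like beta2 cannot be told apart from 0. If this result decides which version-specific findings apply, that yields wrong matches; either reject parts that are not all digits or compare them with an explicit pre-release rule. The file has no `use strict; use warnings;`, which would at least surface the non-numeric conversion.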
97 changes: 97 additions & 0 deletions core/header.pl
@@ -0,0 +1,97 @@
#!/usr/bin/perl

use Term::ANSIColor;

print color("YELLOW");
print q{
____ _____ _____ __ __ ___ ___ __ _ _
(_ _)( _ )( _ )( \/ )/ __) / __) /__\ ( \( )
.-_)( )(_)( )(_)( ) ( \__ \( (__ /(__)\ ) (
\____) (_____)(_____)(_/\/\_)(___/ \___)(__)(__)(_)\_)
};
print color("red") . "\t\t\t(1337.today)" . color("reset");
print "
--=[". color("BLUE") . "OWASP JoomScan". color("reset") ."
+---++---==[Version : "
. color("red"). "$version\n". color("reset") . " +---++---==[Update Date : [". color("red") . "$update". color("reset") . "]
+---++---==[Authors : ". color("red") . "$author". color("reset")."
--=[Code name : ". color("red") . "$codename". color("reset")."\n \@OWASP_JoomScan , \@rezesp , \@Ali_Razmjo0 , \@OWASP\n\n";

if(!defined $ARGV[0]){

print color("cyan");
printf "\n Usage:
joomscan.pl <target>
joomscan.pl -u http://target.com/joomla
Options:
joomscan.pl --help\n\n";
print color("reset");
exit(1);
}
$cookie=1;
#Start help Function
sub help
{
print color("cyan");
printf "
Help :
Usage: $0 [options]
--url | -u <URL> | The Joomla URL/domain to scan.
--enumerate-components | -ec | Try to enumerate components.
--cookie <String> | Set cookie.
--user-agent | -a <User-Agent> | Use the specified User-Agent.
--random-agent | -r | Use a random User-Agent.
--timeout <Time-Out> | Set timeout.
--about | About Author
--update | Update to the latest version.
--help | -h | This help screen.
--version | Output the current version and exit.
";
print color("reset");
exit(1);
}
sub about
{
print color("cyan");
printf "
Author : $author
Twitter : \@rezesp , \@Ali_Razmjo0
Git repository : https://github.com/rezasp/joomscan/
Issues : https://github.com/rezasp/joomscan/issues
\n\n";
print color("reset");
exit(1);
}
sub update
{
do "./core/update.pl";
print color("reset");
exit(1);
}


GetOptions(
'help|h' => sub { help(0) },
'update' => sub { update(0) },
'about' => sub { about(0) },
'enumerate-components|ec' => sub { $components = 1 },
'random-agent|r' => sub { $randomagent = 1 },
'user-agent|a=s' => \$agent,
'timeout=s' => \$timeout,
'cookie=s' => \$cookie,
'u|url=s' => \$target,
'version' => sub { print "\n\nVersion : $version\n\n";exit; },

);
if($target !~ /\./){exit 0;}
if($target !~ /http/) { $target = "http://$target"; };

#End help Function
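Review bot: The two target checks at the end of the hunk are too loose: `if($target !~ /\./){exit 0;}` exits silently with status 0 when the URL is missing or contains no dot, and `$target !~ /http/` matches the letters http anywhere in the value, so a host name that merely contains them never gets a scheme prepended. Print the usage text and exit non-zero on a bad target, and anchor the scheme test, for example `$target !~ m{^https?://}i`. `'timeout=s'` could also be `'timeout=i'` so that non-numeric values are rejected at option parsing.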
94 changes: 94 additions & 0 deletions core/main.pl
@@ -0,0 +1,94 @@
#!/usr/bin/perl

use utf8;
use open ':std', ':encoding(UTF-8)';
use Term::ANSIColor;

my $can_regexp=1;
eval "use Regexp::Common \"URI\"";
if($@) { $can_regexp=0; }


print color("blue");

$ua = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
$ua->protocols_allowed( [ 'http','https'] );

$timeout = $timeout || 60;
$ua->timeout($timeout);

@weekday = ("Sunday", "Monday", "Tuesday", "Wednesday", "thursday", "Friday", "Saturday");
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime();;
$year = $year + 1900;
$mon += 1;
$stime="$mday/$mon/$year $hour:$min:$sec $weekday[$wday]";


@uagnt=('Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5'
,'Googlebot/2.1 ( http://www.googlebot.com/bot.html)'
,'Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.13 (KHTML, like Gecko) Ubuntu/10.04 Chromium/9.0.595.0 Chrome/9.0.595.0 Safari/534.13'
,'Mozilla/5.0 (compatible; MSIE 7.0; Windows NT 5.2; WOW64; .NET CLR 2.0.50727)'
,'Opera/9.80 (Windows NT 5.2; U; ru) Presto/2.5.22 Version/10.51'
,'Mozilla/5.0 (compatible; 008/0.83; http://www.80legs.com/webcrawler.html) Gecko/2008032620'
,'Debian APT-HTTP/1.3 (0.8.10.3)'
,'Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)'
,'Googlebot/2.1 (+http://www.googlebot.com/bot.html)'
,'Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)'
,'YahooSeeker/1.2 (compatible; Mozilla 4.0; MSIE 5.5; yahooseeker at yahoo-inc dot com ; http://help.yahoo.com/help/us/shop/merchant/)'
,'Mozilla/5.0 (compatible; YandexBot/3.0; +http://yandex.com/bots)'
,'Mozilla/5.0 (compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm)'
,'msnbot/1.1 (+http://search.msn.com/msnbot.htm)'
);

$agent = $agent || 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.5) Gecko/20060719 Firefox/1.5.0.5';

$agent = $uagnt[ rand @uagnt ] if($randomagent==1);

$ua->agent($agent);


$ua->cookie_jar({}) if($cookie!=1);
$ua->default_header('Cookie'=> "$cookie") if($cookie!=1);


our @dlog;our @tflog;

our $log="";
sub dprint{
my ($in) = @_;
$in =~ s/\/\//\//g;
$in =~ s/http:\//http:\/\//g;
$#dlog++;
$dlog[$#dlog]=$in;
$in="\n[+] $in\n";
$log .= $in;
print color("blue");
print "$in";
}
sub tprint{
my ($in) = @_;
$in =~ s/\/\//\//g;
$in =~ s/http:\//http:\/\//g;
$#tflog++;
$tflog[$#tflog]=$in;
$in="[++] $in\n";
$log .= $in;
print color("yellow");
print "$in";
print color("blue");
}
sub fprint{
my ($in) = @_;
$in =~ s/\/\//\//g;
$in =~ s/http:\//http:\/\//g;
$#tflog++;
$tflog[$#tflog]="1337false$in";
$in="[++] $in\n";
$log .= $in;
print color("red");
print "$in";
print color("blue");
}

print color("blue");
print "Processing $target ...\n\n\n";
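Review bot: `LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 })` turns off certificate hostname verification for every request the scanner makes, with no way to turn it back on; make verification the default and put the relaxed mode behind an explicit option for targets with self-signed certificates. In dprint, tprint and fprint, `s/\/\//\//g` collapses every double slash and the next line restores only `http:/`, so https URLs end up in the log as https:/host; restore both schemes. `if($cookie!=1)` compares the cookie string numerically against the sentinel value 1, which misfires for a cookie string that numifies to 1; leave the variable unset and test it with `defined` instead.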
84 changes: 84 additions & 0 deletions core/report.pl

Large diffs are not rendered by default.

26 changes: 26 additions & 0 deletions core/update.pl
@@ -0,0 +1,26 @@
#!/usr/bin/perl

my $browser = LWP::UserAgent->new;
$browser->timeout(60);
$browser = LWP::UserAgent->new(ssl_opts => { verify_hostname => 0 });
$browser->protocols_allowed( [ 'http','https'] );



print "\n[+] Checking newest version\n";

my $response = $browser->get('http://raw.githubusercontent.com/rezasp/joomscan/master/version');

if($response->is_success){
if($response->decoded_content =~ /$version/)
{
print "\n[!] New version available on http://github.com/rezasp/joomscan \n\n";
}else
{
print "\n[!] No new version available\n\n";

}

}else{
print "\nNetwork error!\n";
}
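Review bot: The check `if($response->decoded_content =~ /$version/)` prints "New version available" when the fetched file contains the current version, which is the case where the tool is already up to date; the two branches look inverted. `$version` is also interpolated as a regex, so wrap it in `\Q...\E` or compare the trimmed strings for equality. The first `$browser` object and its `timeout(60)` are discarded by the reassignment two lines later, and the version file is fetched over http:// with `verify_hostname => 0`, so the answer is not authenticated; request the https:// URL with verification left on and set the timeout on the object that is actually used.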
