Hello i am back with a new tutorial how to scan website for the bugs and vulnerability using BackTrack's uniscan tool. And as we all know that backtrack is specially designed for the security researchers so there are many tools pre installed in the backtrack like sqlmap, uniscan and all. To accomplish this you need backtrack operating system you can get Backtrack5 R3 from here. And you can also use Kali Linux :)
Also read : How to Improve Backtrack for everyday use.
Follow the simple steps to find the vulnerability in any website !
Now make sure you have opened Backtrack operating system and now just open the terminal and write the bellow code in the terminal and hit okay!
cd /pentest/web/uniscan && ./uniscan.pl
Now you can see the bellow snapshot there are few options are given.
Now we have are going to use the bellow command and make sure you have the website link :)
./uniscan.pl -u http://www.website.com/ –bqdw
And your website’s URL should be end with the forward slash and now just hit enter and then the process will start :)
Now as you can see we got the IP address and the server of the website :) and wait we will get many more information :)
Directory Check: Directory check will check the directories of the website and it will list the directories of the website as shown in the bellow snapshot.
File check : Now as the name says it will check the files which are hosted in the website.
Now crawler is started it will grab all the email address and externals hosts and all the information
External Host:
Web backdoors:
File upload forums :
Now let me tell you that using this tool we can scan the websites for many more vulnerability like sql-i, XSS, remote code execution and many more and you can make few bucks by participating in the bug bounty program :)
Check out: How i got 100$ from Google bugbounty program
Check out: How i got 100$ from Google bugbounty program
Now you can see in the above snapshot the list of the bugs it will find :)
Check out: The list of the bug bounty program !
Now as shown in the above we the website is vulnerable to the blind sqli. :D Mission accomplished :) we have found the bug. if you have any question about this then make a comment :)
Now if you want to get the list of the sites hosted on the same server then simply add this command, just replace the ip address with the server’s ip address. and the list of the websites will be stored in the same directory with the name “sites.txt”
0 comments:
Post a Comment