How to scan a Joomla Web App

udabaddak's Avatar

udabaddak

14 Feb, 2017 02:45 PM

I'm try scanning a Joomla Web app (example site: http://bla.it), but it fails to do the spidering of the site. Scan is finished after a few seconds

  1. Support Staff 1 Posted by Tasos Laskos on 14 Feb, 2017 03:05 PM

    Tasos Laskos's Avatar

    There's nothing to scan there, all pages return SQL errors and after a few requests the server completely stops responding.

  2. 2 Posted by udabaddak on 14 Feb, 2017 03:16 PM

    udabaddak's Avatar

    http://bla.it is an example. I'm trying a website that use joomla but only scans the home page. It is unable to navigate the site.

  3. Support Staff 3 Posted by Tasos Laskos on 14 Feb, 2017 03:19 PM

    Tasos Laskos's Avatar

    Any chance I can be given access to the real site?
    Also, using --output-debug=5 might let you know what's going on.

  4. 4 Posted by udabaddak on 14 Feb, 2017 03:33 PM

    udabaddak's Avatar

    This web application is deployed in our internal network and we cannot give an external access. But we can say that it is based on Joomla 3.6.5. We used also another scanner to try, Nessus, and we find a similar problem that we solved passing as url "http:/bla.it/index.php" and "following automatic page generated" flag. We tried to do the same with Arachni without a good result.

  5. Support Staff 5 Posted by Tasos Laskos on 14 Feb, 2017 03:34 PM

    Tasos Laskos's Avatar

    Sorry, without access I can't know what's going on.

  6. Tasos Laskos closed this discussion on 14 Feb, 2017 03:34 PM.

Comments are currently closed for this discussion. You can start a new one.

Keyboard shortcuts

Generic

? Show this help
ESC Blurs the current field

Comment Form

r Focus the comment reply box
^ + ↩ Submit the comment

You can use Command ⌘ instead of Control ^ on Mac