Home → Problems →

How to scan a Joomla Web App

• Edit

udabaddak

Feb 14, 2017 @ 02:45 PM

I'm try scanning a Joomla Web app (example site: http://bla.it), but it fails to do the spidering of the site. Scan is finished after a few seconds

1. Support Staff 1 Posted by Tasos Laskos on Feb 14, 2017 @ 03:05 PM

   

   There's nothing to scan there, all pages return SQL errors and after a few requests the server completely stops responding.

   • Edit

2. 2 Posted by udabaddak on Feb 14, 2017 @ 03:16 PM

   

   http://bla.it is an example. I'm trying a website that use joomla but only scans the home page. It is unable to navigate the site.

   • Edit

3. Support Staff 3 Posted by Tasos Laskos on Feb 14, 2017 @ 03:19 PM

   

   Any chance I can be given access to the real site?
   Also, using --output-debug=5 might let you know what's going on.

   • Edit

4. 4 Posted by udabaddak on Feb 14, 2017 @ 03:33 PM

   

   This web application is deployed in our internal network and we cannot give an external access. But we can say that it is based on Joomla 3.6.5. We used also another scanner to try, Nessus, and we find a similar problem that we solved passing as url "http:/bla.it/index.php" and "following automatic page generated" flag. We tried to do the same with Arachni without a good result.

   • Edit

5. Support Staff 5 Posted by Tasos Laskos on Feb 14, 2017 @ 03:34 PM

   

   Sorry, without access I can't know what's going on.

   • Edit

6. Tasos Laskos closed this discussion on Feb 14, 2017 @ 03:34 PM.