PaulDotCom mailing list archives

Previous By Date Next
Previous By Thread Next

Scanning for phpMyAdmin

From: NSweaney at tulsacash.com (Nathan Sweaney)
Date: Mon, 3 Aug 2009 11:37:05 -0500
Couple options off the top of my head.  You'll have to research them/try
them out to figure out which works for you.

 

1). Nessus.  I'm pretty sure it'll detect phpMyAdmin & even determine
old versions.  Paul should be able to confirm that.  

 

2). Nmap.  It'll find the webservers, but not specify the application
unless there's an NSE script to detect it.  If not you could probably
create one pretty easily.  Awhile back Kevin Johnson did some work
converting the Nikto tests into Nmap NSE scripts.  So he may have
something for that. 

 

3). Nikto will show you where it's installed, but I'm not sure it
includes which version.  It could also take awhile to scan your entire
network.  I'd use nmap first to find the servers & then Nikto.

 

 

-- Nathan

 

________________________________

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of John Hoyt
Sent: Monday, August 03, 2009 9:08 AM
To: Pauldotcom at mail.pauldotcom.com
Subject: [Pauldotcom] Scanning for phpMyAdmin

 

Does anyone know of a method that I can use to scan my network for
servers hosting phpMyAdmin?

I'm potentially looking for vulnerable versions.

Thanks,

John Hoyt

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20090803/9bc9f47c/attachment.htm
Previous By Date Next
Previous By Thread Next

Current thread: