PaulDotCom mailing list archives
Scanning for phpMyAdmin
From: jinxpuppy at gmail.com (Tom Brennan - Personal)
Date: Mon, 3 Aug 2009 18:38:32 +0000
and of course there can be no other issues in a webapp if nikto can't find them :) Nmap+Nessus+Nikto a good way to find Network Layer aka known problems known systems for low cost or CVE When you have a custom developed website (example: www.ALLWEBSITES.xxx). You need to look at logic flows, dynamic forms and other such as http://www.webappsec.org/projects/threat/classes_of_attack.shtml think CWE http://cwe.mitre.org/ Since 2001, OWASP www.owasp.org also has well known resources such as owasp-top 10, developer guide, webgoat, SAMM and 50+ others for FREE If you have a custom webapp and don't think you have any webapp issues I got $20 bucks who wants to bet? www.twitter.com/brennantom -----Original Message----- From: Paul Asadoorian <paul at pauldotcom.com> Date: Mon, 03 Aug 2009 13:40:15 To: PaulDotCom Security Weekly Mailing List<pauldotcom at mail.pauldotcom.com> Subject: Re: [Pauldotcom] Scanning for phpMyAdmin Looks like Nikto contains about 5 checks for phpmyadmin (grep -i phpmyadmin db_tests). Nmap scripts do not contain any references to phpmyadmin. Cheers, Paul Nathan Sweaney wrote:
Couple options off the top of my head. You?ll have to research them/try them out to figure out which works for you. 1). Nessus. I?m pretty sure it?ll detect phpMyAdmin & even determine old versions. Paul should be able to confirm that. 2). Nmap. It?ll find the webservers, but not specify the application unless there?s an NSE script to detect it. If not you could probably create one pretty easily. Awhile back Kevin Johnson did some work converting the Nikto tests into Nmap NSE scripts. So he may have something for that. 3). Nikto will show you where it?s installed, but I?m not sure it includes which version. It could also take awhile to scan your entire network. I?d use nmap first to find the servers & then Nikto. -- Nathan ------------------------------------------------------------------------ *From:* pauldotcom-bounces at mail.pauldotcom.com [mailto:pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of *John Hoyt *Sent:* Monday, August 03, 2009 9:08 AM *To:* Pauldotcom at mail.pauldotcom.com *Subject:* [Pauldotcom] Scanning for phpMyAdmin Does anyone know of a method that I can use to scan my network for servers hosting phpMyAdmin? I'm potentially looking for vulnerable versions. Thanks, John Hoyt ------------------------------------------------------------------------ _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
-- Paul Asadoorian PaulDotCom Enterprises Web: http://pauldotcom.com Phone: 401.829.9552 _______________________________________________ Pauldotcom mailing list Pauldotcom at mail.pauldotcom.com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- Scanning for phpMyAdmin John Hoyt (Aug 03)
- Scanning for phpMyAdmin Robin Wood (Aug 03)
- Scanning for phpMyAdmin Nathan Sweaney (Aug 03)
- Scanning for phpMyAdmin Paul Asadoorian (Aug 03)
- Scanning for phpMyAdmin Paul Asadoorian (Aug 03)
- Scanning for phpMyAdmin Tom Brennan - Personal (Aug 03)
- Scanning for phpMyAdmin Paul Asadoorian (Aug 04)
- Scanning for phpMyAdmin Paul Asadoorian (Aug 03)
- Scanning for phpMyAdmin Jim Halfpenny (Aug 03)
- <Possible follow-ups>
- Scanning for phpMyAdmin infolookup at gmail.com (Aug 03)