Skip to main content

Pentest Web Dengan Uniscan Manuver GUI

Uniscan ini adalah tools untuk membongkar seluruh direktory dari web target meskipun direktory itu di hidden =)) .
keunggulan aplikasi ini adalah mendeteksi seluruh jenis serangan.



Dukungan mode :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
OPTIONS:
-h help
-u example: https://www.example.com/
-f list of url's
-b Uniscan go to background
-q Enable Directory checks
-w Enable File checks
-e Enable robots.txt check
-d Enable Dynamic checks
-s Enable Static checks
-r Enable Stress checks
-i Bing search
 
usage:
[1] perl ./uniscan.pl -u http://www.target.com/ -qweds
[2] perl ./uniscan.pl -f sites.txt -bqweds
[3] perl ./uniscan.pl -i uniscan
[4] perl ./uniscan.pl -i "ip:xxx.xxx.xxx.xxx"
[5] perl ./uniscan.pl -u https://www.example.com/ -r
Tampilan awal uniscan.pl V. 5.3 :




1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
lindo@laptop:/pentest/web/uniscan# perl ./uniscan.pl -u http://www.fk.ui.ac.id/ -qweds
###############################
# Uniscan project #
# http://www.uniscan.com.br/ #
###############################
V. 5.3
 
Argument "500 Can't connect to www.uniscan.com.br:80 (Bad hostname..." isn't numeric in numeric ne (!=) at Uniscan/Functions.pm line 402.
New version 500 Can't connect to www.uniscan.com.br:80 (Bad hostname 'www.uniscan.com.br') is avaliable
More details in http://www.uniscan.com.br/
 
Scan date: 8-7-2012 9:9:30
===================================================================================================
| Domain: http://www.fk.ui.ac.id/
| Server: Apache/2.2.9 (Debian) DAV/2 SVN/1.5.1 proxy_html/3.0.0 mod_ruby/1.2.6 Ruby/1.8.7(2010-08-16) mod_ssl/2.2.9 OpenSSL/0.9.8o mod_perl/2.0.4 Perl/v5.10.1
| IP: 152.118.24.142
===================================================================================================
|
| Directory check:
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/classes/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/config/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/download/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/helpers/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/icons/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/images/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/stats/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/usage/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/css/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/js/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/language/
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/manual/
===================================================================================================
|
| File check:
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/config.php
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/index.php
| [+] CODE: 200e URL: http://www.fk.ui.ac.id/login.php
===================================================================================================
|
| Check robots.txt:
===================================================================================================
|
| Crawler Started:
| Plugin name: Code Disclosure v.1 Loaded.
| Plugin name: phpinfo() Disclosure v.1 Loaded.
| Plugin name: Web Backdoor Disclosure v.1.1 Loaded.
| Plugin name: E-mail Detection v.1 Loaded.
| Plugin name: Upload Form Detect v.1 Loaded.
| Plugin name: External Host Detect v.1.1 Loaded.
| [*] Crawling: [605 - 1401]
===================================================================================================
kasihan web nya, sy stop load Crawler-nya tuh.. ^_^
Oke kita lanjut ke Uniscan dalam monuver GUI =))
oke deh perhatiin aja Screen-shot-nya, soalnya hati lagi galau jadi nggak mo0d buat kata² -__- .
Saya anggap Uniscan yang kita download tadi uda di ektrak ya,kalo belum ngerti nge ektrak silahkan di googling aja ^_^.




Dibawah ini sample isi folder dari uniscan :
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
lindo@laptop:~/Senjata/uniscan6.0# ls
CHANGELOG.txt
c.txt
Directory
index.php
Plugins
report
Uniscan
uniscan_gui.pl
uniscan.pl
cookies.lwp
DB
Files
LFI
RCE
RFI
uniscan.conf
uniscan.log
Jadi cara excutenya begini nih :
lindo@laptop:~/Senjata/uniscan6.0# ./uniscan_gui.pl
–done , semoga bermanfaat.

Comments

Post a Comment

Popular posts from this blog

All spam And carding tools for Free

H ello Friends, Before i spoke about spamming and how can hackers hack your credit / debit card or your paypal account easily and today i will present to you all Spamming tools for free :-) Mailer  A mailer is an essential tool for spamming or it's a bulk mailer used to send many emails at the same time, actually mailers are scripts programmed using PHP and you must upload them into your web server or a hacked one, Also there are some Softwares which use SMTP server to Send mass mails Like 1st mass mailer ( Here How to get a free Smtp Server ) Download  1st mass Mailer  Download Script PHP Mailer #1 Download  Script PHP Mailer #2 Download Script PHP Mailer #3 Letter A Letter is The Mail Body it's like any email body designed using html and css, The best letter it's the private letter, i mean a letter was made by you ! so it will be an inbox letter. Download  Paypal Private letter Download  Paypal Private letter Download  Ap...
1 comment
Read more

Cara Melihat Hardware ID Komputer dan Laptop

Cara Melihat Hardware ID Komputer dan Laptop – Bagi para pengguna windows jarang sekali bahkan hampir tidak pernah mengenali hardware id pada komputer atau laptop mereka. Kenyataannya untuk beberapa kebutuhan penting seperti mencari driver untuk hardware pada komputer atau laptop, hardware id akan sangat dibutuhkan. Sebab tanpa kita tahu nama dari hardware, sebenarnya kita bisa melakukan pencarian driver di internet dengan lebih mudah. Untuk mengetahui hardware id, silahkan simak artikel berikut ini. Sebelumnya silahkan anda masuk ke windows explorer dengan menekan tombol Windows + E. Pada icon gambar Computer silahkan klik kanan dan pilih tab properties. Cara-melihat-Device-management-Windows Setelah proses diatas, anda akan dibawa pada jendela baru tentang detail sistem operasi windows anda. Dari sini, silahkan anda klik menu Device Manager di kolom sebelah kiri. Detail-System-Windows Jika sudah akan ada jendela baru Device Manager, sebetulnya langkah diatas bisa dipersin...
Post a Comment
Read more

Cara Carding With Havij + Dork

Assalamualaikum, saya akan berbagi sedikit trik carding menggunakan Havij, langsung saja ke TKP biar prakteknya cepat selesai - yang dibutuhkan : Havij versi 1.16 ( download disini <== ) Dork bisa dilihat disini  <== kesabaran - cari dulu target kita di google, dengan menggunakan dork diatas - pilih target anda, disini saya menargetkan   http://www.a-k-a.net/prod_detail.php?id=2   sebagai korban - setelah itu buka Havij yang sudah di download tadi, terus paste Url korban di kolom target, lalu klik  tombol Analyze di sebelah kanan target - tunggu sampai Havij selesai melakukan proses Scaning,tuh Database nya udah kelihatan, lalu klik icon tables - centang Databasenya lalu klik lagi icon get Tables, maka Havij akan melakukan scaning database dan akan mencari tabel yang ada di dalam database tersebut. - jika semua daftar tabel sudah kelihatan, kita pilih salah satu tabel yang menyimpan informasi CC, biasanya ada ditabel dengan nama order,konsumen,member, ...
Post a Comment
Read more