Offensive Sec Blog

Security of Information, Threat Intelligence, Hacking, Offensive Security, Pentest, Open Source, Hackers Tools, Leaks, Pr1v8, Premium Courses Free, etc

Sunday, February 21, 2016

Vulnerability Scanner With Custom Payload - PyScan-Scanner

           , , ,       No comments    


REQUIRE
  • urllib2
  • BeautifulSoup
  • requests

 START
  • Change database information 
$bdd = new PDO('mysql:host=localhost;dbname=pyscan', 'user', 'password');
  • Update a Python gate 
panel_url = "http://localhost/pyscan/"
gate_scraper = "cmd/gate.php"
gate_scanner = "cmd/scan.php"
gate_vuln = "cmd/vuln.php"
gate_payload = "panel/api/payload.php"
gate_database = "panel/api/database.php"

 Upload the .SQL 

mysql -u username -p database_name < file.sql

 Login 

Username: root
password: toor

 Make payload !


Test payload 

python pyscan.py -u "http://exemple.com/id=2" -s -p PAYLOAD_ID

 Test all payload 

python pyscan.py -u "http://exemple.com/id=2" -s --all

 Import mass link


Test all link 

python pyscan.py --database


Share:

0 comentários:

Post a Comment

Note: Only a member of this blog may post a comment.

Copyright © Offensive Sec Blog | Powered by OffensiveSec
Design by OffSec | Theme by Nasa Records | Distributed By Pirate Edition