
OWASP Joomla! (CMS) Vulnerability Scanner Project Flyer

OWASP Joomla! (CMS) Vulnerability Scanner Project Flyer. Aung Khant, YGN Ethical Hacker Group, Myanmar, http://yehg.net/. 07/17/2009. About Joomla! CMS: former code base was Mambo CMS; one of the most widely used CMSs; Admin/Developer/Webmaster friendliness.


Presentation Transcript


  1. OWASP Joomla! (CMS) Vulnerability Scanner Project Flyer
  Aung Khant, YGN Ethical Hacker Group, Myanmar
  http://yehg.net/
  07/17/2009

  2. About Joomla! CMS
  • Former code base was Mambo CMS
  • One of the most widely used CMSs
  • Admin/Developer/Webmaster friendliness
  • Easy to deploy and restore; backward compatible
  • Download, extract, upload, configure, then up and running within a few minutes
  • Hundreds of extensions for every possible type of web site: e-commerce, forum, shopping, etc.

  3. About Joomla! CMS (cont.)
  Extensions comprise:
  - Components
  - Modules
  - Plugins
  - Templates
  • Increasingly large user community
  • Every modern web hosting provider has a one-click Joomla! CMS installer

  4. Joomla’s Best Quote:
  "Joomla! makes it easy to launch a Web site of any kind. Experience the Freedom! It has never been easier to create your own dynamic Web site. Manage all your content from the best CMS admin interface and in virtually any language you speak."

  5. When it comes to security …
  • Popularity has attracted attackers
  • Vulnerability disclosures have been published continually since the first release
  • Hundreds of extensions mean hundreds of possible doors to exploit
  • Third-party component vulnerabilities are disclosed nearly every two or three months

  6. How Joomla! Developers React to (In)Security
  • Formed the JSST (Joomla! Security Strike Team)
  • Fix flawed code that is found and reported within a short time frame
  • Cover holes in the Core Application Framework

  7. When there is a need for security …
  • Although Joomla! developers are active in patching security holes, extension developers may not be
  • Free extensions stop receiving updates or are abandoned by their authors
  • Older commercial extensions lose support, or providers even remove some from their product lines
  • Webmasters can update to the latest bug-free Joomla!, but not the vulnerable third-party components that provide the main functionality of their sites

  8. When there is a need for security …
  • Vulnerable components do not get fixed for a long time
  • Attackers find them via Google dorks and hack them
  • Webmasters have no idea how their sites were hacked

  9. Joomla! Mass Worm in the wild
  • Joomla! 1.5.5 was vulnerable to an Admin Token Password Change vulnerability
  • Attackers wrote a mass worm that exploits it to replace the index page with malicious iframes
  • Victim sites got onto Google’s blacklists very quickly
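Added example (not part of the flyer or of the scanner's own code): a defender-side integrity check for the kind of index-page iframe injection this slide describes. It assumes the site's legitimate hostname is passed in; the sample HTML and the domain malicious.example are constructed placeholders.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse


class IframeCollector(HTMLParser):
    """Collects the attributes of every <iframe> in an HTML document."""

    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag == "iframe":
            self.iframes.append(dict(attrs))


def _is_hidden(attrs):
    """Heuristics for a frame the visitor is never meant to see."""
    style = (attrs.get("style") or "").replace(" ", "").lower()
    if "display:none" in style or "visibility:hidden" in style:
        return True
    for dim in ("width", "height"):
        value = (attrs.get(dim) or "").strip().rstrip("px")
        if value.isdigit() and int(value) <= 1:
            return True
    return False


def find_suspicious_iframes(html, site_host):
    """Return (src, reason) for iframes that are hidden or load a foreign host."""
    parser = IframeCollector()
    parser.feed(html)
    findings = []
    for attrs in parser.iframes:
        src = attrs.get("src") or ""
        host = urlparse(src).hostname or site_host  # relative src stays on-site
        reasons = []
        if host != site_host:
            reasons.append("foreign host %s" % host)
        if _is_hidden(attrs):
            reasons.append("hidden or zero-size frame")
        if reasons:
            findings.append((src, "; ".join(reasons)))
    return findings


# Constructed sample: one legitimate on-site frame and one hidden frame
# pointing at a placeholder domain, as a defaced index page would carry.
SAMPLE_INDEX = """<iframe src="/media/intro.html" width="640" height="360"></iframe>
<iframe src="http://malicious.example/x.php" width="1" height="1" style="visibility: hidden"></iframe>"""
```

Running `find_suspicious_iframes(SAMPLE_INDEX, "www.example.com")` over a freshly fetched copy of the index page flags only the second frame, which is the signal a webmaster needs to notice a defacement before blacklisting does.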

  10. A Need for Pentesters
  • When pentesting Joomla! sites, we cannot know which vulnerable hidden extensions are in use
  • There is a real chance of missing critical vulnerabilities
  • No single exploit-hosting site has complete coverage of Joomla! and its extensions’ vulnerabilities

  11. A Need for Pentesters
  • Existing Joomla! vulnerability scanners in the wild lack updates and do not cover all possible types of holes
  • No single exploit-hosting site has complete coverage of Joomla! and its extensions’ vulnerabilities
  • Adding a signature database to Nikto/W3AF would not be appropriate, as there are some subtle things involved

  12. OWASP Joomla! Vulnerability Scanner Born!
  • Started in November 2008 as a personal project
  • Released in December 2008 at SourceForge.net
  • Donated to OWASP in May 2009
  • Became a Release Quality Tool in July 2009

  13. OWASP Joomla! Vulnerability Scanner
  • Author: Aung Khant (YGN Ethical Hacker Group, http://yehg.net)
  • Reviewers:
    • 1st – Brad Causey
    • 2nd – Matt Tesauro
    • 3rd – Tom Brennan (OWASP Board)
    • 4th – Paulo Coimbra (Project Manager)

  14. OWASP Joomla! Vulnerability Scanner
  • Main Features:
    • Probing of Joomla!-based web firewalls
    • Extensive version probing: in most cases, the scanner can tell the exact version of Joomla!
    • Search for vulnerabilities
      • in the Joomla! Core Application Framework
      • in hundreds of popular components
    • Immediate update via SVN / the scanner itself

  15. OWASP Joomla! Vulnerability Scanner
  • Main Features (cont.):
    • Report output in textual and HTML format
  • Current Limitations:
    • Lacks an IDS bypass mechanism
    • Does not have a 100% complete vulnerability database
    • May generate false positives against sites disguised by security-savvy web administrators
