Uniscan is a simple Remote File Include, Local File Include and Remote Command Execution vulnerability scanner.
Requirements:
Kali Linux
Uniscan (Comes Pre-Installed in Kali Linux)
Installing Uniscan
[email protected]:~# apt-get install uniscan
listing usage: You can use command uniscan -h to list help options and display usage.
[email protected]:~# uniscan -h #################################### # Uniscan project # # http://uniscan.sourceforge.net/ # #################################### V. 6.2 OPTIONS: -h help -u <url> example: https://www.example.com/ -f <file> list of url's -b Uniscan go to background -q Enable Directory checks -w Enable File checks -e Enable robots.txt and sitemap.xml check -d Enable Dynamic checks -s Enable Static checks -r Enable Stress checks -i <dork> Bing search -o <dork> Google search -g Web fingerprint -j Server fingerprint usage: [1] perl ./uniscan.pl -u http://www.example.com/ -qweds [2] perl ./uniscan.pl -f sites.txt -bqweds [3] perl ./uniscan.pl -i uniscan [4] perl ./uniscan.pl -i "ip:xxx.xxx.xxx.xxx" [5] perl ./uniscan.pl -o "inurl:test" [6] perl ./uniscan.pl -u https://www.example.com/ -r
Uniscan Usage Example
Open a new terminal and enter the following command this will start finger printing and scanning the target web server for vulnerabilities.
uniscan.pl -u http://www.example.com/ -qweds
Replace URL with target URL.
In this tutorial I will be running Uniscan using options – qwedsgj
uniscan.pl -u http://www.example.com/ -qwedsgj
What these options do.
-q Enable Directory checks
-w Enable File checks
-e Enable robots.txt and sitemap.xml check
-d Enable Dynamic checks
-s Enable Static checks
-g Web fingerprint
-j Server fingerprint
Uniscan GUI
Uniscan also has a GUI for those who prefer a graphical interface.
To access Uniscan-Gui we can use the following command from a new terminal.
# uniscan-gui
