VulnX - CMS And Vulnerabilites Detector And An Intelligent Auto Shell Injector

VulnX - CMS And Vulnerabilities Detector And An Intelligent Auto Shell Injector

NAHID HASAN TECHNOLOGY

Features

• ➧Detect cms (wordpress, joomla, prestashop, drupal, opencart, magento, lokomedia)
• ➧Target informations gatherings
• ➧Target Subdomains gathering
• ➧Multi-threading on demand
• ➧Checks for vulnerabilites
• ➧Auto shell injector
• ➧Exploit dork searcher

Exploits

NAHID HASAN TECHNOLOGY

Joomla

• ➣Com Jce
• ➣Com Jwallpapers
• ➣Com Jdownloads
• ➣Com Weblinks
• ➣Com Fabrik
• ➣Com Jdownloads Index
• ➣Com Foxcontact
• ➣Com Blog
• ➣Com Users
• ➣Com Ads Manager
• ➣Com Sexycontactform
• ➣Com Media
• ➣Mod_simplefileupload
• ➣Com Facileforms

⏩Also Read: Password Hacking

Wordpress

• ➤Simple Ads Manager
• ➤InBoundio Marketing
• ➤WPshop eCommerce
• ➤Synoptic
• ➤Showbiz Pro
• ➤Job Manager
• ➤Formcraft
• ➤PowerZoom
• ➤Download Manager
• ➤CherryFramework
• ➤Catpro
• ➤Blaze SlideShow
• ➤Wysija-Newsletters

Drupal

• ➨Add Admin
• ➨Drupal BruteForcer
• ➨Drupal Geddon2

PrestaShop

• ➩attributewizardpro
• ➩columnadverts
• ➩soopamobile
• ➩pk_flexmenu
• ➩pk_vertflexmenu
• ➩nvn_export_orders
• ➩megamenu
• ➩tdpsthemeoptionpanel
• ➩psmodthemeoptionpanel
• ➩masseditproduct
• ➩blocktestimonial
• ➩soopabanners
• ➩Vtermslideshow
• ➩simpleslideshow
• ➩productpageadverts
• ➩homepageadvertise
• ➩homepageadvertise2
• ➩jro_homepageadvertise
• ➩advancedslider
• ➩cartabandonmentpro
• ➩cartabandonmentproOld
• ➩videostab
• ➩wg24themeadministration
• ➩fieldvmegamenu
• ➩wdoptionpanel

Opencart

• ⏩Opencart BruteForce

Available command line options

  -u --url              url target to scan

  -D --dorks            search webs with dorks

  -o --output           specify output directory

  -t --timeout          http requests timeout

  -c --cms-info         search cms info[themes,plugins,user,version..]

  -e --exploit          searching vulnerability & run exploits

  -w --web-info         web informations gathering

  -d --domain-info      subdomains informations gathering

  -l, --dork-list       list names of dorks exploits

  --threads             number of threads

Docker

VulnX can be launched in docker.

$ git clone https://github.com/anouarbensaad/VulnX.git

$ cd VulnX

$ docker build -t vulnx ./docker/

$ docker run -it --name vulnx vulnx:latest -u http://exemple.com

make a local volume to view the results into a logfile

$ docker run -it --name vulnx -v "$PWD/logs:/VulnX/logs" vulnx:latest -u http://exemple.com

Install VulnX

$ git clone https://github.com/anouarbensaad/VulnX.git

$ cd VulnX

$ chmod + x install.sh

$ ./install.sh

Now run vulnx

example command with options : settimeout=3 , cms-gathering = all , -d subdomains-gathering , run --exploits

vulnx -u http://example.com --timeout 3 -c all -d -w --exploit

example command for searching dorks : -D or --dorks , -l --list-dorks

vulnx --list-dorks return table of exploits name. vulnx -D blaze return urls found with blaze dork

Download Link :

Thank You✌✌✌

>>>ReadMore<<<