Change v3.2 : Some optimizations, added one BUGGED AS FUCK PostgreSQL error based injection
PHPmvs is a simple (maybe not THAT fast) SQLi exploiter, admin panel finder, server vulnerability scanner, port scanner, website crawler and webserver fuzzer (DOS) mostly for “fast” scan (you can upload it to your own server and scan multiple sites from there) the only thing you need to make it work is a webserver with PHP and a browser.
Now i’m getting closer to what i want for the sql injection “module”, the biggest change in this release and the reason of the numeration jump from 2.x to 3 is the brand new multi-parameter detection. What does that means? it means if the url has 2 or more parameters it will be splitted and every parameter will be tested in order to achieve a more precise detection.
- PostgreSQL Error-based injection.(new)
- ORACLE Error-based SQL injection.
- Multi-parameter detection/injection.
- Error-based SQL injection.
- Union query SQL injection
- Apache version-related alerts.
- Some apache modules vulnerabilities.
- PHP version-related alerts.
- Port scanner.
- Admin panel finder.
- Website Crawler.
- Simple Server Fuzzer. (DOS)
- Directory Traversal.
- Some Joomla! vulnerabilities.
- Black background and green font.
Download : PHPmvs_BETA_3.2.php (82.6 kB)
Find Other version |
sources : http://sourceforge.net/projects/phpmvs/?source=dlp
our post before : http://seclist.us/update-php-mini-vulnerability-suitephpmvs-v-3-0.html