[Openvas-discuss] Openvas-inspect domain vuln problem

sight In insight.labs2012 at gmail.com
Wed Jan 11 14:43:18 CET 2012


Hi  Michael

thanks for your reply , i will try it


2012/1/11 Michael Meyer <michael.meyer at greenbone.net>

> *** insight labs <insight.labs2012 at gmail.com> wrote:
> > i have a problem about openvas inspecting web vulnerability ,for my
> manual
> > testing i think this issue is a gsad transform  domain to ip
> > for example:
> > enable (phpMyAdmin Setup $host Variable Cross Site Scripting
> Vulnerability)
> > rules
> >
> > Actually we know it rules inspect the phpmyadmin vulnerability, but my
> > hosting is a virtual machine (have many domain running on the one ip)
> >
> > assume our hosting is virtual,so if inspect below
> > http://127.0.0.1/phpmyadmin --> not found phpmyadmin
> > http://www/phpmyadmin ---> found phpmyadmin
>
> GSA -> Scan Configs -> Edit Scan Config ->
>
> vhosts:    host1.com,host2.com,host3.com <- No whitespaces!
> vhosts_ip: 127.0.0.1
>
> Target IP must be the same as vhosts_ip.
>
> HTH
>
> Micha
>
>
> --
> Michael Meyer                            OpenPGP Key: 52A6EFA6
> http://www.greenbone.net/
> Greenbone Networks GmbH, Neuer Graben 17, 49074 Osnabrück | AG
> Osnabrück, HR B 202460
> Geschäftsführer: Lukas Grunwald, Dr. Jan-Oliver Wagner
> _______________________________________________
> Openvas-discuss mailing list
> Openvas-discuss at wald.intevation.org
> http://lists.wald.intevation.org/mailman/listinfo/openvas-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wald.intevation.org/pipermail/openvas-discuss/attachments/20120111/b164fd9b/attachment.html>


More information about the Openvas-discuss mailing list