Couple options off the top of my head. You'll have to research them/try them out to figure out which works for you.
1). Nessus. I'm pretty sure it'll detect phpMyAdmin & even determine old versions. Paul should be able to confirm that. 2). Nmap. It'll find the webservers, but not specify the application unless there's an NSE script to detect it. If not you could probably create one pretty easily. Awhile back Kevin Johnson did some work converting the Nikto tests into Nmap NSE scripts. So he may have something for that. 3). Nikto will show you where it's installed, but I'm not sure it includes which version. It could also take awhile to scan your entire network. I'd use nmap first to find the servers & then Nikto. -- Nathan ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of John Hoyt Sent: Monday, August 03, 2009 9:08 AM To: [email protected] Subject: [Pauldotcom] Scanning for phpMyAdmin Does anyone know of a method that I can use to scan my network for servers hosting phpMyAdmin? I'm potentially looking for vulnerable versions. Thanks, John Hoyt
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
