Download PDFOpen PDF in browser

A Vulnerability Detection Framework for CMS Using Port Scanning Technique

EasyChair Preprint 3713

12 pagesDate: July 1, 2020

Abstract

In the era of technology, attack on computer infrastructure is considered as the most severe threat. Web server is one of the most important components of this infrastructure. Preventive measures must be taken to deal with these attacks on the web servers. For this reason, vulnerability detection needs to be carried out in an effective way and should be mitigated as soon as possible. In this paper, an effective framework for vulnerability detection of web application is proposed. This framework targets the web applications developed with content management systems (CMSs). It obtains prior knowledge of the vulnerable extensions of a specific CMS from its contributors. The framework is run against a target web server using a well-known port scanning tool, Nmap. It checks if there is any existing matches for the vulnerable extension installed in that web application. Finally, the framework gives an output comprised of the installed extensions along with the installed vulnerable extensions in that web application. Although the output result is shown in the Nmap console, the framework is a segregated entity that works in collaboration with Nmap. Thus this framework can be well-utilized by the security specialists to assess the security of a web application in an easier and effective way and also to evaluate vulnerability of web servers; hence shielding the web applications from various kinds of security threats.

Keyphrases: CMScan, Content Management System, Nmap Scripting Engine, Port Scanning, Security Scanner, Vulnerability Scanner, Web Service, vulnerability assessment, vulnerable extension, web application

BibTeX entry
BibTeX does not have the right entry for preprints. This is a hack for producing the correct reference:
@booklet{EasyChair:3713,
  author    = {Md. Asaduzzaman and Proteeti Prova Rawshan and Nurun Nahar Liya and Muhmmad Nazrul Islam and Nishith Kumar Dutta},
  title     = {A Vulnerability Detection Framework for CMS Using Port Scanning Technique},
  howpublished = {EasyChair Preprint 3713},
  year      = {EasyChair, 2020}}
Download PDFOpen PDF in browser