Joomla Vulnerabilities Scan

Most Joomla vulnerability scanners are amateur the least said. This is true especially if you try to find a solution in Google and you fall on the first results. One of the most popular sites for this purpose would do the following:

1. Try to fetch xml files for the installed extensions in your Joomla. The first problem is that it tries to access the administrator area which should be by any means IP / Password protected for any secury Joomla. After that scan your web log will look like this:

72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET / HTTP/1.1" 200 5728 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.1) Gecko/20060111 Firefox/1.5.0.1" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /htaccess.txt HTTP/1.1" 200 2773 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_a6mambocredits/a6mambocredits.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_a6mambohelpdesk/a6mambohelpdesk.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_acajoom/acajoom.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_actualite/actualite.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_advancedpoll/advancedpoll.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_ajaxchat/ajaxchat.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_akocomment/akocomment.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_alberghi/alberghi.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_alphacontent/alphacontent.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_articles/articles.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_artlinks/artlinks.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_astatspro/astatspro.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_autostand/autostand.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_bayesiannaivefilter/bayesiannaivefilter.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_jombib/jombib.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_babackup/babackup.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_bsqsitestats/bsqsitestats.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_bsq_sitestats/bsq_sitestats.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_calendar/calendar.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:28 -0500] "GET /administrator/components/com_candle/candle.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_resman/resman.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jjgallery/jjgallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_chronocontact/chronocontact.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_cinema/cinema.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_clasifier/clasifier.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_classifieds/classifieds.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_colophon/colophon.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_colorlab/colorlab.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_comprofiler/comprofiler.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_profiler/profiler.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_cpg/cpg.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_cropimage/cropimage.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_custompages/custompages.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_d3000/d3000.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_ezine/ezine.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_events/events.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_expose/expose.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_extcalendar/extcalendar.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_extended_registration/extended_registration.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_extplorer/extplorer.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_facileforms/facileforms.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_panoramic/panoramic.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_slideshow/slideshow.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_flashfun/flashfun.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_fundraiser/fundraiser.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_galleria/galleria.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_gmaps/gmaps.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_hashcash/hashcash.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_hotproperty/hotproperty.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_htmlarea3_xtd-c/htmlarea3_xtd-c.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_hwdvideoshare/hwdvideoshare.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jreactions/jreactions.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jce/jce.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jcs/jcs.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jd-wiki/jd-wiki.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jd-wp/jd-wp.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jim/jim.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_jooget/jooget.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_cloner/cloner.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_joomlaflashfun/joomlaflashfun.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:29 -0500] "GET /administrator/components/com_joomla_flash_uploader/joomla_flash_uploader.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joomlaradiov5/joomlaradiov5.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joom12pic/joom12pic.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joomlaboard/joomlaboard.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joomlalib/joomlalib.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_jpack/jpack.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joomlaxplorer/joomlaxplorer.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_sef/sef.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_joovideo/joovideo.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:30 -0500] "GET /administrator/components/com_jpack/jpack.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_jreviews/jreviews.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_juser/juser.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_kochsuite\r HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/mod_letterman/mod_letterman.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_fm/fm.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_linkdirectory/linkdirectory.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_lmo/lmo.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_loudmouth/loudmouth.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_loudmouth/loudmouth.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_lurm_constructor/lurm_constructor.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_madeira/madeira.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:31 -0500] "GET /administrator/components/com_moodle/moodle.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mambatstaff/mambatstaff.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mambelfish/mambelfish.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mmp/mmp.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mgm/mgm.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mambospgm/mambospgm.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mambowiki/mambowiki.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_videodb/videodb.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_trade/trade.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_marketplace/marketplace.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mcquiz/mcquiz.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mediaslide/mediaslide.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_minibb/minibb.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mtree/mtree.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_directory/directory.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_lm/lm.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mosmedia/mosmedia.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mosmedia/mosmedia.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mospray/mospray.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_reporter/reporter.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_mp3_allopass/mp3_allopass.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_multibanners/multibanners.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_myalbum/myalbum.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_neogallery/neogallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_neorecruit/neorecruit.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:32 -0500] "GET /administrator/components/com_neoreferences/neoreferences.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_nfn_addressbook/nfn_addressbook.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_nicetalk/nicetalk.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_onlineflashquiz/onlineflashquiz.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_sef/sef.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_paxxgallery/paxxgallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_pccookbook/pccookbook.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_pccookbook/pccookbook.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_pcchess/pcchess.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_peoplebook/peoplebook.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_performs/performs.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_philaform/philaform.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_phpshop/phpshop.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_forum/forum.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_pollxt/pollxt.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_ponygallery/ponygallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_pcchess/pcchess.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_productshowcase/productshowcase.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_puarcade/puarcade.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_quiz/quiz.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rapidrecipe/rapidrecipe.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rekry/rekry.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_remository/remository.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_restaurante/restaurante.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rsgallery2/rsgallery2.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rsfiles/rsfiles.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rsgallery/rsgallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rssxt/rssxt.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_rwcards/rwcards.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_securityimages/securityimages.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_sef/sef.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_serverstat/serverstat.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_sef/sef.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_simpleshop/simpleshop.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_simpleboard/simpleboard.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_sitemap/sitemap.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_smf/smf.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_swmenupro/swmenupro.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_thopper/thopper.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_minibb/minibb.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_tour_toto/tour_toto.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:33 -0500] "GET /administrator/components/com_doc/doc.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_galeria/galeria.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_noticias/noticias.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_uhp/uhp.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_uhp2/uhp2.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_virtuemart/virtuemart.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_wmtportfolio/wmtportfolio.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_webring/webring.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_wmtgallery/wmtgallery.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_x-shop/x-shop.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_xfaq/xfaq.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_ynews/ynews.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_zoom/zoom.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_flippingbook/flippingbook.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_filiale/filiale.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_jpad/jpad.xml HTTP/1.1" 403 4252 "-" "-" 72.3.247.8 - - [08/Oct/2010:05:25:34 -0500] "GET /administrator/components/com_joomla-visites/joomla-visites.xml HTTP/1.1" 403 4252 "-" "-"


2. Once their lame Joomla vulnerability scan is over they will show you bogus results (of course). They will tell you that ... most of their tests have not shown a vulnerability BUT ONE... In order to see that mysterious one you will HAVE TO PAY :) Don't wonder how they have found that 'paid' vulnerability because from the scan it is impossible.

So if you are serious about your Joomla security try hiring a real expert and don't fall for the popular choices. Especially when the first step is free and the final and most important is paid :)

So if you are serious about Joomla vulnerability scanning and website security as a whole simply make sure you are running the latest version of all extensions. Of course, your Joomla has to be the latest version too. If you need help try to find a reputable security experts.


blog comments powered by Disqus