Python CMSmap漏洞扫描工具
CMSmap是一个python开源CMS扫描程序,它可以自动检测最流行CMS的安全漏洞。CMSmap的主要目的是在一个工具中集成针对不同类型CMS的常见漏洞。
目前,CMSmap支持的CMS是WordPress,Joomla,Drupal和Moodle。
安装
您可以通过克隆GitHub存储库来下载最新版本的CMSmap:
git clone https://github.com/Dionach/CMSmap
然后,您需要在中配置edbtype
和edbpath
设置cmsmap.conf
。GIT
如果您具有Exploit-db的本地Git存储库,请使用:
[exploitdb]
edbtype = GIT
edbpath = /opt/exploitdb/
或者,APT
如果已安装debian
exploitdb软件包,则使用。对于Kali,请使用以下设置:
[exploitdb]
edbtype = APT
edbpath = /usr/share/exploitdb/
如果您想cmsmap
从系统中的任何位置运行,可以使用以下命令进行安装pip3
:
cd CMSmap
pip3 install .
要卸载它:
pip3 uninstall cmsmap -y
用法
usage: cmsmap [-f W/J/D] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-d] [-u] [-p]
[-x] [-k] [-w] [-v] [-h] [-D] [-U W/J/D]
[target]
CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti
Scan:
target target URL (e.g. 'https://example.com:8080/')
-f W/J/D, --force W/J/D
force scan (W)ordpress, (J)oomla or (D)rupal
-F, --fullscan full scan using large plugin lists. False positives and slow!
-t , --threads number of threads (Default 5)
-a , --agent set custom user-agent
-H , --header add custom header (e.g. 'Authorization: Basic ABCD...')
-i , --input scan multiple targets listed in a given file
-o , --output save output in a file
-E, --noedb enumerate plugins without searching exploits
-c, --nocleanurls disable clean urls for Drupal only
-s, --nosslcheck don't validate the server's certificate
-d, --dictattack run low intense dictionary attack during scanning (5 attempts per user)
Brute-Force:
-u , --usr username or username file
-p , --psw password or password file
-x, --noxmlrpc brute forcing WordPress without XML-RPC
Post Exploitation:
-k , --crack password hashes file (Require hashcat installed. For WordPress and Joomla only)
-w , --wordlist wordlist file
Others:
-v, --verbose verbose mode (Default false)
-h, --help show this help message and exit
-D, --default rum CMSmap with default options
-U, --update use (C)MSmap, (P)lugins or (PC) for both
Examples:
cmsmap.py https://example.com
cmsmap.py https://example.com -f W -F --noedb -d
cmsmap.py https://example.com -i targets.txt -o output.txt
cmsmap.py https://example.com -u admin -p passwords.txt
cmsmap.py -k hashes.txt -w passwords.txt
点击 - 阅读原文观看使用教程