CMSMap Nedir?
Web uygulamalarında açıklar taramaya yarayan CMSMap, içerik yönetim sistemleri yani CMS'ler için yazılmıştır. WordPress, Joomla, Drupal ve Moodle'da açık tarayabilir.
Python ve pip'e ihtiyaç koyar.
Çalıştırma örnekleri ise şu şekildedir;
Rich (BB code):
usage: cmsmap [-f W/J/D] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-d] [-u] [-p]
[-x] [-k] [-w] [-v] [-h] [-D] [-U W/J/D]
[target]
CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti
Scan:
target target URL (e.g. 'https://example.com:8080/')
-f W/J/D, --force W/J/D
force scan (W)ordpress, (J)oomla or (D)rupal
-F, --fullscan full scan using large plugin lists. False positives and slow!
-t , --threads number of threads (Default 5)
-a , --agent set custom user-agent
-H , --header add custom header (e.g. 'Authorization: Basic ABCD...')
-i , --input scan multiple targets listed in a given file
-o , --output save output in a file
-E, --noedb enumerate plugins without searching exploits
-c, --nocleanurls disable clean urls for Drupal only
-s, --nosslcheck don't validate the server's certificate
-d, --dictattack run low intense dictionary attack during scanning (5 attempts per user)
Brute-Force:
-u , --usr username or username file
-p , --psw password or password file
-x, --noxmlrpc brute forcing WordPress without XML-RPC
Post Exploitation:
-k , --crack password hashes file (Require hashcat installed. For WordPress and Joomla only)
-w , --wordlist wordlist file
Others:
-v, --verbose verbose mode (Default false)
-h, --help show this help message and exit
-D, --default rum CMSmap with default options
-U, --update use (C)MSmap, (P)lugins or (PC) for both
Examples:
cmsmap.py https://example.com
cmsmap.py https://example.com -f W -F --noedb -d
cmsmap.py https://example.com -i targets.txt -o output.txt
cmsmap.py https://example.com -u admin -p passwords.txt
cmsmap.py -k hashes.txt -w passwords.txtKurulum
Kullanım
