Home Unlabelled Cmseek V1.1.2 - Cms Detection Together With Exploitation Suite - Scan Wordpress, Joomla, Drupal Together With Over 170 Other Cmss

Cmseek V1.1.2 - Cms Detection Together With Exploitation Suite - Scan Wordpress, Joomla, Drupal Together With Over 170 Other Cmss

By
Tuesday, September 10, 2019
Read
Add Comment

What is a CMS?
H5N1 content management organization (CMS) manages the creation as well as modification of digital content. It typically supports multiple users inwards a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc.

Release History
- Version 1.1.2 [19-05-2019] - Version 1.1.1 [01-02-2019] - Version 1.1.0 [28-08-2018] - Version 1.0.9 [21-08-2018] - Version 1.0.8 [14-08-2018] - Version 1.0.7 [07-08-2018] ...
Changelog File

Functions Of CMSeek:
  • Basic CMS Detection of over 170 CMS
  • Drupal version detection
  • Advanced Wordpress Scans
    • Detects Version
    • User Enumeration
    • Plugins Enumeration
    • Theme Enumeration
    • Detects Users (3 Detection Methods)
    • Looks for Version Vulnerabilities as well as much more!
  • Advanced Joomla Scans
    • Version detection
    • Backup files finder
    • Admin page finder
    • Core vulnerability detection
    • Directory listing check
    • Config leak detection
    • Various other checks
  • Modular bruteforce organization
    • Use pre made bruteforce modules or exercise your ain as well as integrate amongst it

Requirements as well as Compatibility:
CMSeeK is built using python3, you lot volition postulate python3 to run this tool as well as is compitable amongst unix based systems equally of now. Windows back upwardly volition live added later. CMSeeK relies on git for auto-update as well as thus brand certain git is installed.

Installation as well as Usage:
It is fairly slowly to role CMSeeK, simply brand certain you lot convey python3 as well as git (just for cloning the repo) installed as well as role the next commands:
  • git clone https://github.com/Tuhinshubhra/CMSeeK
  • cd CMSeeK
  • pip/pip3 install -r requirements.txt
For guided scanning:
  • python3 cmseek.py
Else:
  • python3 cmseek.py -u [...]
Help bill of fare from the program:
USAGE:        python3 cmseek.py (for guided scanning) OR        python3 cmseek.py [OPTIONS]   SPECIFING TARGET:       -u URL, --url URL            Target Url       -l LIST, --list LIST         Path of the file containing listing of sites                                    for multi-site scan (comma separated)  MANIPULATING SCAN:       -i cms, --ignore--cms cms    Specify which CMS IDs to skip inwards social club to                                    avoid flase positive. separated yesteryear comma ","        --strict-cms cms             Checks target against a listing of provided                                    CMS IDs. separated yesteryear comma ","        --skip-scanned               Skips target if it's CMS was previously detected.  RE-DIRECT:       --follow-redirect            Follows all/any redirect(s)       --no-redirect                Skips all redirects as well as tests the input target(s)     USER AGENT:       -r, --random-agent           Use a random user agent       --googlebot                  Use Google bot user agent       --user-agent USER_AGENT      Specify a custom user agent  OUTPUT:       -v, --verbose                Increase output verbosity  VERSION & UPDATING:       --update                     Update CMSeeK (Requires git)       --version                    Show CMSeeK version as well as move out  HELP & MISCELLANEOUS:       -h, --help                   Show this assistance message as well as move out       --clear-result               Delete all the scan number  EXAMPLE USAGE:       python3 cmseek.py -u example.com                           # Scan example.com       python3 cmseek.py -l /home/user/target.txt                 # Scan the sites specified inwards target.txt (comma separated)       python3 cmseek.py -u example.com --user-agent Mozilla 5.0  # Scan example.com using custom user-Agent Mozilla is    5.0 used hither       python3 cmseek.py -u example.com --random-agent            # Scan example.com using a random user-Agent       python3 cmseek.py -v -u example.com                        # enabling verbose output piece scanning example.com

Checking For Update:
You tin strength out cheque for update either from the primary bill of fare or role python3 cmseek.py --update to cheque for update as well as apply machine update.
P.S: Please brand certain you lot convey git installed, CMSeeK uses git to apply machine update.

Detection Methods:
CMSeek detects CMS via the following:
  • HTTP Headers
  • Generator meta tag
  • Page source code
  • robots.txt

Supported CMSs:
CMSeeK currently tin strength out give away 170+ CMS. Check the listing here: cmss.py file which is acquaint inwards the cmseekdb directory. All the cmss are stored inwards the next way:
 cmsID = {    'name':'Name Of CMS',    'url':'Official URL of the CMS',    'vd':'Version Detection (0 for no, 1 for yes)',    'deeps':'Deep Scan (0 for no 1 for yes)'  }

Scan Result:
All of your scan results are stored inwards a json file named cms.json, you lot tin strength out give away the logs within the Result\ directory, as well as equally of the bruteforce results they're stored inwards a txt file nether the site's number directory equally well.

Here is an representative of the json study log:


Bruteforce Modules:
CMSeek has a modular bruteforce organization pregnant you lot tin strength out add together your custom made bruteforce modules to move amongst cmseek. H5N1 proper documentation for creating modules volition live created before long but inwards instance you lot already figured out how to (pretty slowly in 1 trial you lot analyze the pre-made modules) all you lot postulate to exercise is this:
  1. Add a comment just similar this # Bruteforce module. This volition assistance CMSeeK to know the lift of the CMS using regex
  2. Add approximately other comment ### cmseekbruteforcemodule, this volition assistance CMSeeK to know it is a module
  3. Copy as well as glue the module inwards the brutecms directory nether CMSeeK's directory
  4. Open CMSeeK as well as Rebuild Cache using R equally the input inwards the get-go menu.
  5. If everything is done correct you'll run across something similar this (refer to screenshot below) as well as your module volition live listed inwards bruteforce bill of fare the side yesteryear side fourth dimension you lot opened upwardly CMSeeK.

Need More Reasons To Use CMSeeK?
If non anything you lot tin strength out ever taste exiting CMSeeK (please don't), it volition bid you lot goodbye inwards a random goodbye message inwards diverse languages.
Also you lot tin strength out attempt reading comments inwards the code those are pretty random as well as weird!!!

Screenshots:
 Main Menu

Scan Result

 
WordPress Scan Result

Guidelines for opening an issue:
Please brand certain you lot convey the next information attached when opening a novel issue:
  • Target
  • Exact re-create of mistake or screenshot of error
  • Your operating organization as well as python version
Issues without these informations powerfulness non live answered!

Disclaimer:
Usage of CMSeeK for testing or exploiting websites without prior usual consistency tin strength out live considered equally an illegal activity. It is the lastly user's responsibleness to obey all applicable local, soil as well as federal laws. Authors assume no liability as well as are non responsible for whatsoever misuse or impairment caused yesteryear this program.

Follow @r3dhax0r:
Twitter

Team:
Team : Virtually Unvoid Defensive (VUD)


Tags :

Created By Nexus · Powered by Blogger
© All Rights Reserved

Terms Of Service · Privacy Policy · Disclaimer · Contact Us · About Us