dionach / cmsmap Goto Github PK
View Code? Open in Web Editor NEWCMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
License: GNU General Public License v3.0
CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs.
License: GNU General Public License v3.0
CMSmap Version: what I got from git
CMS Type: wordpress
CMS Version:
Plugin Name:
OS Information:
[641] 0 08:42:30 root@xxx:~/CMSmap lsb_release -a
No LSB modules are available.
Distributor ID: TurnKey
Description: TurnKey GNU/Linux 9.12 (stretch)
Release: 9.12
Codename: stretch
I downloaded the git version and entered the dir and ran ./cmsmap.py and I got a stack trace:
[637] 0 08:40:16 root@xxx:~/CMSmap ./cmsmap.py
Traceback (most recent call last):
File "./cmsmap.py", line 4, in
from cmsmap.main import main
File "/root/CMSmap/cmsmap/main.py", line 9, in
from .lib.scanner import scanner
File "/root/CMSmap/cmsmap/lib/scanner.py", line 7, in
from .wpscan import wpscan
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 344, in
wpscan = WPScan()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 35, in init
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 35, in
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "/usr/lib/python3.5/encodings/ascii.py", line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe4 in position 4533: ordinal not in range(128)
Content of cmsmap.conf is
[exploitdb]
edbtype = GIT
edbpath = /opt/exploit-database/
At least a help page but it doesn't work :(
For any more info, please ask.
CMSmap Version: 59dd0e2
CMS Type: Drupal 7
CMS Version: 7.44
OS Information: OSX 10.14.6
Run cmsmap against Drupal site.
The issue is following:
xargs: illegal option -- r
usage: xargs [-0opt] [-E eofstr] [-I replstr [-R replacements]] [-J replstr]
[-L number] [-n number [-x]] [-P maxprocs] [-s size]
[utility [argument ...]]
xargs: illegal option -- r
usage: xargs [-0opt] [-E eofstr] [-I replstr [-R replacements]] [-J replstr]
[-L number] [-n number [-x]] [-P maxprocs] [-s size]
[utility [argument ...]]
Related blackarch issue: BlackArch/blackarch#2365
It is currently impossible to use cmsmap on BlackArch Linux without root permissions because /usr/lib/python3.7/site-packages/cmsmap/
is write protected and cmsmap try to write in it, for example wp_plugins_small.txt
.
Why is wp_plugins_small.txt
no already in https://github.com/Dionach/CMSmap/tree/master/cmsmap/data ?
Also on Arch based distro exploitdb was install with pacman not apt-get or git so we can't use git either to update. So neither edbtype = APT
or edbtype = GIT
can work.
CMSmap Version: up to date
CMS Type: WordPress
CMS Version: identified in WPScan = 5.7.2
Plugin Name: exploits
OS Information: kali 20.4
with my authorization to test a client, performed basic scan with no exploits. Found X-Frame Options not enforced, and robots.txt found. Therefore, I'm looking to see what exploits would be produced removing the -E flag. I tried multiple variation options such as -f W -F -d combinations and still received missing pluging outputs:
also, ensured the config leveraged APT and usr/share/exploitdb was set correctly
sudo python3 cmsmap.py https://clientname.org
scan ran and detected the Xframe and robots file but couldn't exploit or provide further results:
cmsmap.py https://targetedclient.org -f W -F -x -d -o LSoutput1.txt
[-] Date & Time: 16/06/2021 11:21:26
[I] Threads: 5
[-] Target: https://redacted.to.protect.clientname
[I] Server: nginx
[I] X-Powered-By: WP Engine
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: https://redacted.org/robots.txt
[I] CMS Detection: WordPress
[I] Wordpress Theme: redacted
Traceback (most recent call last):
File "/opt/CMSmap/cmsmap.py", line 25, in
main()
File "/opt/CMSmap/cmsmap/main.py", line 174, in main
scanner.RunScanner()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 38, in RunScanner
self.FindCMSType()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 119, in FindCMSType
self.ForceCMSType()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 49, in ForceCMSType
wpscan.WPrun()
File "/opt/CMSmap/cmsmap/lib/wpscan.py", line 48, in WPrun
self.WPConfigFiles()
File "/opt/CMSmap/cmsmap/lib/wpscan.py", line 125, in WPConfigFiles
requester.request(self.url + "/wp-config" + file, data=None)
File "/opt/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.9/urllib/request.py", line 214, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.9/urllib/request.py", line 517, in open
response = self._open(req, data)
File "/usr/lib/python3.9/urllib/request.py", line 534, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/lib/python3.9/urllib/request.py", line 494, in _call_chain
result = func(*args)
File "/usr/lib/python3.9/urllib/request.py", line 1389, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/lib/python3.9/urllib/request.py", line 1350, in do_open
r = h.getresponse()
File "/usr/lib/python3.9/http/client.py", line 1347, in getresponse
response.begin()
File "/usr/lib/python3.9/http/client.py", line 307, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.9/http/client.py", line 276, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response
Describe how to reproduce the issue
see above.
not sure, but expected some results, not traceback errors
Describe how CMSmap should have handled the issue
First time running into this issue, or leveraging CMSmap without the -E
CMSmap Version: 1.0
CMS Type: WordPress
CMS Version: 5.5.1
Plugin Name: ...
OS Information: Ubuntu 18.04/Apache/2.4.29
Fresh install, run it on my WP installation
Run the scanner
Python error:
Traceback (most recent call last):
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/usr/local/lib/python3.8/site-packages/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/usr/local/lib/python3.8/site-packages/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 222, in urlopen
return opener.open(url, data, timeout)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 542, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 502, in _call_chain
result = func(*args)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1393, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1350, in do_open
h.request(req.get_method(), req.selector, req.data, headers,
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1255, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1266, in _send_request
self.putrequest(method, url, **skips)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1100, in putrequest
self._validate_path(url)
File "/usr/local/Cellar/[email protected]/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1200, in _validate_path
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')
Last version Kali and CMSmap
root@kali:~/CMSmap# python cmsmap.py -t https://example.com
Traceback (most recent call last):
File "cmsmap.py", line 4, in
from cmsmap.main import main
File "/root/CMSmap/cmsmap/main.py", line 4, in
from urllib.parse import urlparse
ImportError: No module named parse
Anu help?
I can't exec, every time I get this error:
[-] Date & Time: 20/04/2019 02:04:19 [ERROR] ExploitDB Git repository was not found [-] Clone ExploitDB repository: git clone https://github.com/offensive-security/exploit-database [-] Then set the ExploitDB path "edbpath" in cmsmap.conf [-] ie: edbpath = /opt/exploitdb/
Im using mac, and I updated the path on the file. What else can it be?
Please let me know.
CMSmap/cmsmap/lib/requester.py
Line 29 in 59dd0e2
When i run CMSMap and it's checking for Plugins, there is plugin path that have space in their name then program throw an exception "http.client.InvalidURL: URL can't contain control characters.", so i debug the line like below
Before:
self.response = urllib.request.urlopen(self.req, context=self.ctx)
self.response = urllib.request.urlopen(self.req)
After:
from urllib import parse
self.response = urllib.request.urlopen(url=parse.quote_plus(self.req.get_full_url(), safe=':/'), context=self.ctx)
self.response = urllib.request.urlopen(url=parse.quote_plus(self.req.get_full_url(), safe=':/'))
There is actually other 5 self.response, you can update all of them
┌──(root💀localhost)-[/home/kali/CMSmap]
└─# python3 cmsmap.py https://hackertarget.com
[-] Date & Time: 04/06/2021 20:03:46
[I] Threads: 5
[-] Target: https://hackertarget.com (35.190.61.45)
[I] Server: nginx
[L] X-Frame-Options: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: https://hackertarget.com/robots.txt
[I] CMS Detection: WordPress [-] WordPress usernames identified:
[M] jody-admin
[M] the admin
[M] XML-RPC services are enabled
[I] Autocomplete Off Not Found: https://hackertarget.com/wp-login.php
[-] Default WordPress Files:
[-] Searching Wordpress Plugins ...
80%Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/home/kali/CMSmap/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/home/kali/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.8/urllib/request.py", line 222, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.8/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/usr/lib/python3.8/urllib/request.py", line 542, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/lib/python3.8/urllib/request.py", line 502, in _call_chain
result = func(*args) File "/usr/lib/python3.8/urllib/request.py", line 1393, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/lib/python3.8/urllib/request.py", line 1350, in do_open
h.request(req.get_method(), req.selector, req.data, headers,
File "/usr/lib/python3.8/http/client.py", line 1255, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1266, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib/python3.8/http/client.py", line 1100, in putrequest
self._validate_path(url)
File "/usr/lib/python3.8/http/client.py", line 1200, in _validate_path
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')
99%^
CMSmap Version: Newest
CMS Type: scan
CMS Version: Newest
Plugin Name:
OS Information: Kali linux 2018.2 debian
python3 cmsmap.py -t lyceum.univer.kharkov.ua -f J -F noedb
Traceback (most recent call last):
File "cmsmap.py", line 25, in
main()
File "/root/CMSmap/cmsmap/main.py", line 84, in main
initializer.threads = int(args.threads)
ValueError: invalid literal for int() with base 10: 'lyceum.univer.kharkov.ua'
Describe how CMSmap should have handled the issue
CMSmap Version: CMSmap tool v1.0
CMS Type: all
CMS Version: all
Plugin Name: cmsmap.py
OS Information: CentOS 7
python3 cmsmap.py [url]
Then we get thousands of these notices:
[i] Found (#1): /home/merlinwoff/exploitdb/files_exploits.csv
[i] To remove this message, please edit "/home/merlinwoff/exploitdb/.searchsploit_rc" for "files_exploits.csv" (package_array: exploitdb)
This happens since it asked me, if a want to update and I said yes.
Does anyone know this issue?
(I am using a cloned git of exploit db, since I am on centos and not on kali)
CMSmap Version: v1.0
CMS Type: non specified
CMS Version:
Plugin Name:
OS Information: Kali latest
root@kali:~/CMSmap# cmsmap webserver.here
[-] Date & Time: 12/12/2019 21:38:25
Traceback (most recent call last):
File "/usr/local/bin/cmsmap", line 10, in
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/cmsmap/main.py", line 168, in main
addr = socket.gethostbyname(urlparse(args.target).hostname)
TypeError: gethostbyname() argument 1 must be str, bytes or bytearray, not None
Describe how to reproduce the issue
Describe how CMSmap should have handled the issue
CMSmap Version: CMSmap tool v1.0 - Simple CMS Scanne
CMS Type: Joomla
CMS Version: Joomla Version: 3.8.8
Plugin Name:
OS Information:
install exploitdb with searchsploit
run the cmsmap and see errors when searchsploit is called
No searchsploit usage
had to change a file in cmsmap/lib/exploitdbsearch.py
the the colour parameter had to be changed
self.grepCMD = self.searchsploit+" --disable-colour "
...
CMSmap Version: current
CMS Type: moodle, but the tool say wordpress
CMS Version: crash
Plugin Name: cmsmap crashes when searching plugins
OS Information: ubuntu 16.04
Describe how to reproduce the issue
cmsmap https://dominioalvo/moodle/index.php
Describe how CMSmap should have handled the issue
Return vulnerabilities
[-] Default WordPress Files:
[-] Searching Wordpress Plugins ...
77%Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/usr/local/lib/python3.6/dist-packages/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/usr/local/lib/python3.6/dist-packages/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.6/urllib/request.py", line 526, in open
response = self._open(req, data)
File "/usr/lib/python3.6/urllib/request.py", line 544, in _open
'_open', req)
File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib/python3.6/urllib/request.py", line 1368, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/lib/python3.6/urllib/request.py", line 1325, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "/usr/lib/python3.6/http/client.py", line 1264, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.6/http/client.py", line 1275, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib/python3.6/http/client.py", line 1129, in putrequest
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/moodle/index.php/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')
OS; Linux parrot 4.17.0-parrot17-amd64 #1 SMP Parrot 4.17.17-1parrot17 (2018-08-27) x86_64 GNU/Linux
enter the command: python3 cmsmap.py -i drupal.txt -o good.txt
(drupal.txt have the form:
http://site1.com
http://site2.com
http://site3.com
http://*******.com)
└──╼ $python3 cmsmap.py -i drupal.txt -o good.txt
[-] Date & Time: 22/10/2018 13:44:07
[I] Threads: 5
[-] Target: http://site1.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site1.com
[I] Server: nginx/1.14.0
[I] X-Powered-By: PHP/5.3.29
[L] X-Generator: Drupal 7 (http://drupal.org)
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site1.com/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.41
[M] EDB-ID: 44448 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)"
[M] EDB-ID: 44449 "Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution"
[M] EDB-ID: 44482 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)"
[M] EDB-ID: 44542 "Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC)"
[M] EDB-ID: 44557 "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)"
[I] Drupal Theme: bartik
[-] Enumerating Drupal Usernames via "Views" Module...
[-] Enumerating Drupal Usernames via "Blog" Module...
[-] Enumerating Drupal Usernames via "/user/"...
[I] Autocomplete Off Not Found: http://site1.com/user/
[-] Drupal Default Files:
[-] Drupal is likely to have a large number of default files
[-] Would you like to list them all?
[y/N]: N
[I] Forgotten Password Allows Username Enumeration: http://site1.com/user/password
[-] Search Drupal Modules ...
[I] book
[I] comment
[I] content
[I] ctools
[I] field
[I] jcaption
[I] jquery_update
[I] node
[I] panels
[I] responsive
[I] search
[I] system
[I] user
[I] views
[I] Checking for Directory Listing Enabled ...
[I] Threads: 5
[-] Target: http://site2.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site2.com
[I] Server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30
[I] X-Powered-By: PHP/5.4.30
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site2.com/robots.txt
[I] CMS Detection: Drupal
Traceback (most recent call last):
File "cmsmap.py", line 25, in
main()
File "/home/max/Desktop/CMSmap/cmsmap/main.py", line 154, in main
scanner.RunScanner()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
self.ForceCMSType()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 61, in ForceCMSType
druscan.Drurun()
File "/home/max/Desktop/CMSmap/cmsmap/lib/druscan.py", line 35, in Drurun
self.DruVersion()
TypeError: 'str' object is not callable
CMSmap Version: recent version
What to do and how to be?
./cmsmap.py http://gevpgkrb.ac.in
[-] Date & Time: 13/04/2019 20:23:16
Traceback (most recent call last):
File "/root/Desktop/CMSmap/cmsmap/main.py", line 168, in main
addr = socket.gethostbyname(urlparse(args.target).hostname)
socket.gaierror: [Errno -2] Name or service not known
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "./cmsmap.py", line 25, in
main()
File "/root/Desktop/CMSmap/cmsmap/main.py", line 180, in main
msg = "Unable to resolve: " + scanner.url
TypeError: must be str, not NoneType
CMSmap Version: 1.0
CMS Type:
CMS Version:
Plugin Name:
OS Information: windows 10 Enterprise Edition 1903
py cmamap.py target
Traceback (most recent call last):
File "cmsmap.py", line 4, in
from cmsmap.main import main
File "E:\CMSmap\cmsmap\main.py", line 9, in
from .lib.scanner import scanner
File "E:\CMSmap\cmsmap\lib\scanner.py", line 7, in
from .wpscan import wpscan
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 344, in
wpscan = WPScan()
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 35, in init
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 35, in
self.themes = [line.strip() for line in open(initializer.wp_themes)]
UnicodeDecodeError: 'gbk' codec can't decode byte 0xad in position 4899: illegal multibyte sequence
CMSmap Version:
CMS Type:
CMS Version:
Plugin Name:
OS Information:
Describe how to reproduce the issue
Describe how CMSmap should have handled the issue
Hello,
It is still needed user input for update even after providing the -U flag. Can you please let me know whats the proper Flag to use.
There is this new CMS that is spreading nowadays called maxdev CMS... it seems pretty good however there are already some vulnerabilities just searching in exploit.db and on vuldb (just type maxdev in search bar)
You could add this cms and these vulnerabilities but also many others vulnerabilities if there are by searching on the internet...
use command line arguments instead of reading user input - y/n, e.g. for cmsmap update; this way better scripting can be achieved
cmsmap/tmp/
CMSmap Version: v1.0
OS Information: Kali Linux 2018.3
Following error received while scanning target, some can help please to resolve the issue.
[I] CMS Detection: WordPress
Traceback (most recent call last):
File "/root/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.6/urllib/request.py", line 532, in open
response = meth(req, response)
File "/usr/lib/python3.6/urllib/request.py", line 642, in http_response
'http', request, response, code, msg, hdrs)
File "/usr/lib/python3.6/urllib/request.py", line 570, in error
return self._call_chain(*args)
File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib/python3.6/urllib/request.py", line 650, in http_error_default
raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 404: Not Found
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/http/client.py", line 546, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/lib/python3.6/http/client.py", line 513, in _read_next_chunk_size
return int(line, 16)
ValueError: invalid literal for int() with base 16: b''
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.6/http/client.py", line 563, in _readall_chunked
chunk_left = self._get_chunk_left()
File "/usr/lib/python3.6/http/client.py", line 548, in _get_chunk_left
raise IncompleteRead(b'')
http.client.IncompleteRead: IncompleteRead(0 bytes read)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "cmsmap.py", line 25, in
main()
File "/root/CMSmap/cmsmap/main.py", line 174, in main
scanner.RunScanner()
File "/root/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
self.ForceCMSType()
File "/root/CMSmap/cmsmap/lib/scanner.py", line 49, in ForceCMSType
wpscan.WPrun()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 48, in WPrun
self.WPConfigFiles()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 125, in WPConfigFiles
requester.request(self.url + "/wp-config" + file, data=None)
File "/root/CMSmap/cmsmap/lib/requester.py", line 38, in request
self.htmltext = e.read().decode('utf-8', 'ignore')
File "/usr/lib/python3.6/tempfile.py", line 624, in func_wrapper
return func(*args, **kwargs)
File "/usr/lib/python3.6/http/client.py", line 456, in read
return self._readall_chunked()
File "/usr/lib/python3.6/http/client.py", line 570, in _readall_chunked
raise IncompleteRead(b''.join(value))
http.client.IncompleteRead: IncompleteRead(1245 bytes read)
[ERROR] [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)
CMSmap Version: v1.0
CMS Type: Wordpress
CMS Version: 2.7.1
Plugin Name: -
OS Information: CentOS 8
Getting strange error with control characters in URLs after updating ExploitDB.
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib64/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/opt/CMSmap/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/opt/CMSmap/cmsmap/lib/requester.py", line 29, in request
self.response = urllib.request.urlopen(self.req, context=self.ctx)
File "/usr/lib64/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib64/python3.6/urllib/request.py", line 526, in open
response = self._open(req, data)
File "/usr/lib64/python3.6/urllib/request.py", line 544, in _open
'_open', req)
File "/usr/lib64/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib64/python3.6/urllib/request.py", line 1361, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/lib64/python3.6/urllib/request.py", line 1318, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "/usr/lib64/python3.6/http/client.py", line 1254, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib64/python3.6/http/client.py", line 1265, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib64/python3.6/http/client.py", line 1127, in putrequest
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '.../wp-content/plugins/worprees plugin bug dar/' (found at least ' ')
CMSmap Version: downloaded from git
CMS Type:
CMS Version:
Plugin Name:
OS Information: Lin
When running against URL I get problems with plugin part.
"http.client.InvalidURL: URL can't contain control characters. /wp-content/plugins/wordprees plugin bug da/ (found at least ' ')
Well finish the scan normally.
I did see the solution about eplace from wordprees plugin bug dar to wordpress_plugin_bug_da but there's no file wp_plugins_small.txt nor in my directory or in the current code section
CMSmap Version: v1.0
CMS Type: Drupal
CMS Version: 7.28
Plugin Name: drupal
OS Information: archlinux
CMS map doesn't find drupal by default but does when we force it.
$ python3 ~/CTF/tools/cmsmap/cmsmap.py http://10.x.x.x[I] Threads: 5
...
[-] Target: http://10.x.x.x (10.x.x.x)
[M] Website Not in HTTPS: http://10.x.x.x
[I] Server: Microsoft-IIS/8.5
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: http://10.11.1.49/robots.txt
[ERROR] CMS detection failed :(
[ERROR] Use -f to force CMSmap to scan (W)ordpress, (J)oomla or (D)rupal
$ python3 ~/CTF/tools/cmsmap/cmsmap.py http://10.x.x.x -f D
[-] Date & Time: 15/06/2019 00:17:47
[I] Threads: 5
[-] Target: http://10.x.x.x (10.x.x.x)
[M] Website Not in HTTPS: http://10.x.x.x
[I] Server: Microsoft-IIS/8.5
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: http://10.x.x.x/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.28
...
Detect CMS type and version by default
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.