Course Content
Introduction
0/6
Course Overview
Introduction to Kali Linux
Kali Linux – Installation and Configuration
Kali Linux – Information Gathering Tools
Kali Linux – Vulnerability Analyses Tools
Kali Linux – Wireless Attacks
Information Gathering
0/14
Dmitry – Deepmagic Information Gathering Tool
IKE Scan- Kali Linux
lbd – Tool to Detect Whether a Domain has Load Balancing Enabled
Netcat Tutorial Beginner to Advanced
Unicornscan – Network Scanning Tool
Fierce – Domain Scanning & Enumeration
OpenVAS – Open Vulnerability Assessment System
Nikto
WPScan : Scan WordPress Site for Vulnerability
CMSMAP – A SIMPLE VULNERABILITY SCANNER
Kismet – Wireless Network Hacking, Sniffing & Monitoring
Wireshark: A Complete Tutorial
Network Hacking – Information Gathering
Get information from a Phone Number 2020
Exploitation Tools
0/2
Beef Framework tutorial in Kali Linux
SET — The Social Engineering Toolkit
Password Cracking
0/7
Fluxion – Cracking WiFi without word list in Kali Linux
Aircrack-ng – Crack WPA/WPA2 WiFi
John the Ripper : Password cracking
THC Hydra – Email Hacking Tool in Kali Linux
FindMyHash – Dehashing Method in Kali Linux
RainbowCrack – A Password Cracking Tool
Social Engineering Toolkit – Kali Linux
Vulnerability Analysis
0/1
NMAP from Beginner to Advanced [Updated 2020]
Kali Linux
About Lesson

CMSMap aims to be a centralized solution for not only one, but up to four of the most popular CMS in terms of vulnerability detection, Unlike WPScan.

CMSmap is an open source project written in Python that helps automate the process of vulnerability scanning and detection in WordPress, Joomla, Drupal, and Moodle.

This tool is not only useful for detecting security flaws in these four popular CMS but also for running actual brute force attacks and launching exploits once a vulnerability has been found.

Main features include:

  • Supports multiple scan threats
  • Ability to set custom user-agent and header
  • Support for SSL encryption.
  • Verbose mode for debugging purposes
  • Saves output in a text file.

CMSmap is a multithreading tool, and by default is set to 5 threads. This is to reduce the likelihood of causing denial of service on the target website. However, there is an option that allows a user to increase the number of threads, and thus the speed of scanning.

CMSmap is meant to be easy to use, in sense that the only mandatory option is the target URL. However, CMSmap includes a brute-forcing module as well. If the user wants to run a brute-forcing attack, password/username files must be provided along with the URL. By default, Drupal is the only CMS that will lockout user accounts after a certain number of failed attempts. This means that unless a specific security plugin is installed you are pretty much free to brute force WordPress and Joomla login forms.

Installation

You can download the latest version of CMSmap by cloning the GitHub repository:

 git clone https://github.com/Dionach/CMSmap

Then you need to configure the edbtype and edbpath settings in the cmsmap.conf. Use GIT if you have a local Git repository of Exploit-db :

[exploitdb]
edbtype = GIT
edbpath = /opt/exploitdb/

Alternatively, use APT if you have installed the debian exploitdb package. For Kali, use the following settings :

[exploitdb]
edbtype = APT
edbpath = /usr/share/exploitdb/

If you would like to run cmsmap from anywhere in your system you can install it with pip3 :

cd CMSmap
pip3 install .

To uninstall it :

Hope this article helpful for you. Thank You

If You Appreciate What We Do Here On Hackonology, You Should Consider:

Hackonology is the fastest growing and most trusted community site where you can find lots of courses, articles about Technology/Hacking/Cracking. Millions of people visit Hackonology! to search or browse the thousands of published articles available FREELY to all.

Let's be a part of Hacker's Community! Join our Hacking Team

We Are Indian We Are Great

pip3 uninstall cmsmap -y

Usage

usage: cmsmap [-f W/J/D] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-d] [-u] [-p]
              [-x] [-k] [-w] [-v] [-h] [-D] [-U W/J/D]
CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti

Scan:
  target                target URL (e.g. 'https://example.com:8080/')
  -f W/J/D, --force W/J/D
                        force scan (W)ordpress, (J)oomla or (D)rupal
  -F, --fullscan        full scan using large plugin lists. False positives and slow!
  -t , --threads        number of threads (Default 5)
  -a , --agent          set custom user-agent
  -H , --header         add custom header (e.g. 'Authorization: Basic ABCD...')
  -i , --input          scan multiple targets listed in a given file
  -o , --output         save output in a file
  -E, --noedb           enumerate plugins without searching exploits
  -c, --nocleanurls     disable clean urls for Drupal only
  -s, --nosslcheck      don't validate the server's certificate
  -d, --dictattack      run low intense dictionary attack during scanning (5 attempts per user)

Brute Force:

-u , --usr            username or username file
-p , --psw            password or password file
-x, --noxmlrpc        brute forcing WordPress without XML-RPC

Post Exploitation:

-k , --crack          password hashes file (Require hashcat installed. For WordPress and Joomla only)
-w , --wordlist       wordlist file

Others:

-v, --verbose         verbose mode (Default false)
-h, --help            show this help message and exit
-D, --default         rum CMSmap with default options
-U, --update          use (C)MSmap, (P)lugins or (PC) for both

Example:

cmsmap.py https://example.com
cmsmap.py https://example.com -f W -F --noedb -d
cmsmap.py https://example.com -i targets.txt -o output.txt
cmsmap.py https://example.com -u admin -p passwords.txt
cmsmap.py -k hashes.txt -w passwords.txt
Previous
Next