# CMSmap is a python open source CMS scanner that automates the process # of detecting security flaws of the most popular CMSs. # The main purpose of CMSmap is to integrate common vulnerabilities for # different types of CMSs in a single tool.# At the moment, CMSs supported by CMSmap are WordPress, Joomla, Drupal and Moodle.
Usage
usage: cmsmap [-f W/J/D][-F][-t][-a][-H][-i][-o][-E][-d][-u][-p][-x][-k][-w][-v][-h][-D][-U W/J/D][target]
CMSmap tool v1.0 - Simple CMS Scanner
Author: Mike Manzotti
Scan:
target target URL (e.g. 'https://example.com:8080/')
-f W/J/D, --force W/J/D
force scan (W)ordpress, (J)oomla or (D)rupal
-F, --fullscan full scan using large plugin lists. False positives and slow!
-t , --threads number of threads (Default 5)
-a , --agent set custom user-agent
-H , --header add custom header (e.g. 'Authorization: Basic ABCD...')
-i , --input scan multiple targets listed in a given file
-o , --output save output in a file
-E, --noedb enumerate plugins without searching exploits
-c, --nocleanurls disable clean urls for Drupal only
-s, --nosslcheck don't validate the server's certificate
-d, --dictattack run low intense dictionary attack during scanning (5 attempts per user)
Brute-Force:
-u , --usr username or username file
-p , --psw password or password file
-x, --noxmlrpc brute forcing WordPress without XML-RPC
Post Exploitation:
-k , --crack password hashes file (Require hashcat installed. For WordPress and Joomla only)
-w , --wordlist wordlist file
Others:
-v, --verbose verbose mode (Default false)
-h, --help show this help message and exit
-D, --default rum CMSmap with default options
-U, --update use (C)MSmap, (P)lugins or (PC)for both
Examples:
cmsmap.py https://example.com
cmsmap.py https://example.com -f W -F --noedb -d
cmsmap.py https://example.com -i targets.txt -o output.txt
cmsmap.py https://example.com -u admin -p passwords.txt
cmsmap.py -k hashes.txt -w passwords.txt