SkillAgentSearch skills...

Cmsfinder

Detect Web CMS software type and version in specified path. CMS signatures and actual versions database.

GenerateConvertImprove

Install / Use

/learn @diphost/Cmsfinder
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

CMS Finder

Detect Web CMS software type and version in specified path. CMS signatures and actual versions database.

Initially based on weakly maintained https://github.com/JamesDooley/VersionFinder

Features

  • Fast and simple
  • Only Python 2 in the requirements
  • Russian 1C-Bitrix, UMI.CMS and NetCat commercial CMS detection
  • It is possible to define outdated versions in different CMS branches
  • Single scan from argument and bulk scan paths from file available

What for

It is designed to search for potentially vulnerable CMS. This helps sell customers a complementary service

CMS Finder

Usage

Command help

./cmsfinder --help
usage: cmsfinder [-h] [-v] [-s FILENAME] [-l [FILENAME] | PATH]

positional arguments:
  PATH           Path to site
  
  optional arguments:
    -h, --help     show this help message and exit
    -v             increase verbosity of the logging, -vvv for debug
    -s FILENAME    Signatures file
    -l [FILENAME]  Site paths from file

Scan single path (DocumentRoot)

./cmsfinder -v /var/www/www-root/htdocs

Scan paths from file

./cmsfinder -v -l sitelist.lst >result.lst

Result string

PATH CMS VERSION LAST SUPPORT

  • PATH - path of site, i.e. DocumentRoot
  • CMS - friendly name of cms signature
  • VERSION - detected CMS version
  • LAST - newest version on detected branch with one of the prefix:
    • '<' - detected version is older than latest version on this branch
    • '=' - detected version is the freshest version on this branch
    • '>' - detected version is newer than latest version on this branch (oh!)
  • SUPPORT - support level
    • 'eol' - End Of Life - this branch not supported yet
    • 'limited' - may or may not get updates
    • 'supported' - fully supported
    • 'current' - the freshest supported branch
~$ ./cmsfinder /var/www/www-root/htdocs
/var/www/www-root/htdocs wordpress 4.6.2 <4.6.4 limited
~$

TODO

  • Anime chan mascot
  • Developers Guide
  • Implement github or gitlab flow
  • Make custom signature sets
  • Cover the code with comments
  • Fill in supported versions for all CMS. Only Drupal, WordPress and Joomla presents
  • Add more popular CMSes
  • Ansible role (good idea for outsourcing automation :)
  • Improve some check algorithms

UNLICENSE

diphost

View profile

View on GitHub
GitHub Stars18
CategoryData
Updated2y ago
Forks5
diphost/cmsfinder

Languages

Python

Security Score

75/100

Audited on Aug 9, 2023

No findings