Adds CMSmap v1.0

Author: root

.gitignore

@@ -0,0 +1,11 @@
+*.pyc
+*_plugins_small.txt
+*_versions.txt
+*_defaultfiles.txt
+*_defaultfolders.txt
+cmsmap/tmp/
+cmsmap/__pycache__/
+*.egg-info
+.vscode
+build
+dist

CONTRIBUTING.md

@@ -0,0 +1,10 @@
+Contribution Guidelines
+=====
+Pull requests are more than welcome! Below a few guidlines for submitting contributions:
+
+* Fork the repository, create a new branch and submit your pull request.
+* Give your pull request a useful title and descriptive comments.
+* Make sure your local repo is up to date before submitting your pull request.
+* Rebase your commits to squash multiple commits into one before submitting your pull request. This keeps the main repo commit history clean and makes it easier to revent changes.
+* Use Python 3
+* Please TEST YOUR CONTRIBUTION! Be sure that your contribution works against all CMSs before submitting. After testing, changes will be merged to master.

DISCLAIMER.txt

@@ -0,0 +1,3 @@
+Usage of CMSmap for attacking targets without prior mutual consent is illegal. 
+It is the end user's responsibility to obey all applicable local, state and federal laws. 
+Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.

LICENSE.txt

@@ -0,0 +1,13 @@
+CMSmap is (C) 2013-2014 Mike Manzotti @ Dionach Ltd.
+
+This program is free software; you may redistribute and/or modify it under 
+the terms of the GNU General Public License as published by the Free Software Foundation, 
+either version 3 of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program.  If not, see http://www.gnu.org/licenses/.

README.md

@@ -0,0 +1,102 @@
+CMSmap
+======
+
+CMSmap is a python open source CMS scanner that automates the process of detecting security flaws of the most popular CMSs. The main purpose of CMSmap is to integrate common vulnerabilities for different types of CMSs in a single tool.
+
+At the moment, CMSs supported by CMSmap are WordPress, Joomla, Drupal and Moodle.
+
+Please note that this project is an early state. As such, you might find bugs, flaws or mulfunctions.
+Use it at your own risk!
+
+
+Preview
+=====
+* https://asciinema.org/a/MELa2nUcrtATqnDLnc0ig8rcT
+
+
+Installation
+=====
+You can download the latest version of CMSmap by cloning the GitHub repository:
+
+     git clone https://github.com/Dionach/CMSmap
+
+Then you need to configure the `edbtype` and `edbpath` settings in the `cmsmap.conf`. Use `GIT` if you have a local Git repository of Exploit-db :
+
+    [exploitdb]
+    edbtype = GIT
+    edbpath = /opt/exploitdb/
+
+Alternatively, use `APT` if you have installed the `debian` exploitdb package. For Kali, use the following settings :
+
+    [exploitdb]
+    edbtype = APT
+    edbpath = /usr/share/exploitdb/
+
+If you would like to run `cmsmap` from anywhere in your system you can install it with `pip3` :
+
+    cd CMSmap
+    pip3 install .
+
+To uninstall it :
+
+    pip3 uninstall cmsmap -y
+
+
+Usage
+=====
+    usage: cmsmap [-f W/J/D] [-F] [-t] [-a] [-H] [-i] [-o] [-E] [-d] [-u] [-p]
+                  [-x] [-k] [-w] [-v] [-h] [-D] [-U W/J/D]
+                  [target]
+    
+    CMSmap tool v1.0 - Simple CMS Scanner
+    Author: Mike Manzotti
+    
+    Scan:
+      target                target URL (e.g. 'https://example.com:8080/')
+      -f W/J/D, --force W/J/D
+                            force scan (W)ordpress, (J)oomla or (D)rupal
+      -F, --fullscan        full scan using large plugin lists. False positives and slow!
+      -t , --threads        number of threads (Default 5)
+      -a , --agent          set custom user-agent
+      -H , --header         add custom header (e.g. 'Authorization: Basic ABCD...')
+      -i , --input          scan multiple targets listed in a given file
+      -o , --output         save output in a file
+      -E, --noedb           enumerate plugins without searching exploits
+      -c, --nocleanurls     disable clean urls for Drupal only
+      -s, --nosslcheck      don't validate the server's certificate
+      -d, --dictattack      run low intense dictionary attack during scanning (5 attempts per user)
+    
+    Brute-Force:
+      -u , --usr            username or username file
+      -p , --psw            password or password file
+      -x, --noxmlrpc        brute forcing WordPress without XML-RPC
+    
+    Post Exploitation:
+      -k , --crack          password hashes file (Require hashcat installed. For WordPress and Joomla only)
+      -w , --wordlist       wordlist file
+    
+    Others:
+      -v, --verbose         verbose mode (Default false)
+      -h, --help            show this help message and exit
+      -D, --default         rum CMSmap with default options
+      -U, --update          use (C)MSmap, (P)lugins or (PC) for both
+    
+    Examples:
+      cmsmap.py https://example.com
+      cmsmap.py https://example.com -f W -F --noedb -d
+      cmsmap.py https://example.com -i targets.txt -o output.txt
+      cmsmap.py https://example.com -u admin -p passwords.txt
+      cmsmap.py -k hashes.txt -w passwords.txt
+
+
+Contribution guidelines
+=====
+If you want to contribute to CMSmap, be sure to review the [contribution
+guidelines](CONTRIBUTING.md).
+
+
+Disclaimer
+=====
+Usage of CMSmap for attacking targets without prior mutual consent is illegal.
+It is the end user's responsibility to obey all applicable local, state and federal laws.
+Developers assume NO liability and are NOT responsible for any misuse or damage caused by this program.

__init__.py

@@ -0,0 +1,25 @@
+#!/usr/bin/python3
+import signal, sys
+
+from cmsmap.main import main
+from cmsmap.lib.report import report
+
+def exit(signum, frame):
+    signal.signal(signal.SIGINT, original_sigint)
+    try:
+        msg = "Interrupt caught. CMSmap paused. Do you really want to exit?"
+        report.error(msg)
+        if input("[y/N]: ").lower().startswith('y'):
+            msg = "Bye! Quitting.. "
+            report.message(msg)
+            sys.exit(1)
+    except KeyboardInterrupt:
+        msg = "Bye! Quitting.."
+        report.message(msg)
+        sys.exit(1)
+    signal.signal(signal.SIGINT, exit)
+
+if __name__ == "__main__":
+    original_sigint = signal.getsignal(signal.SIGINT)
+    signal.signal(signal.SIGINT, exit)
+    main()

cmsmap.py

@@ -0,0 +1,41 @@
+[general]
+user-agent = Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7
+dataPath = data
+wordlist =  wordlist/rockyou.txt
+common_files = data/common_files.txt
+conf_extensions = data/conf_extensions.txt
+
+[wordpress]
+wp_plugins = data/wp_plugins.txt
+wp_plugins_small = data/wp_plugins_small.txt
+wp_themes_small = data/wp_themes_small.txt
+wp_versions = data/wp_versions.txt
+wp_themes = data/wp_themes.txt
+wp_timthumbs = data/wp_timthumbs.txt
+wp_defaultFiles = data/wp_defaultfiles.txt
+wp_defaultFolders = data/wp_defaultfolders.txt
+
+[joomla]
+joo_plugins = data/joo_plugins.txt
+joo_plugins_small = data/joo_plugins_small.txt
+joo_versions = data/joo_versions.txt
+joo_defaultFiles = data/joo_defaultfiles.txt
+joo_defaultFolders = data/joo_defaultfolders.txt
+
+[drupal]
+dru_plugins = data/dru_plugins.txt
+dru_plugins_small = data/dru_plugins_small.txt
+dru_versions = data/dru_versions.txt
+dru_defaultFiles = data/dru_defaultfiles.txt
+dru_defaultFolders = data/dru_defaultfolders.txt
+
+[moodle]
+; moo_plugins = data/moo_plugins.txt
+; moo_plugins_small = data/moo_plugins_small.txt
+moo_versions = data/moo_versions.txt
+moo_defaultFiles = data/moo_defaultfiles.txt
+moo_defaultFolders = data/moo_defaultfolders.txt
+
+[exploitdb]
+edbtype = apt
+edbpath = /usr/share/exploitdb/