콘텐츠로 이동
1337skills 1337skills - 치트시트

CMSeeK

Overview

섹션 제목: “Overview”

CMSeeK is a powerful CMS detection and exploitation suite designed for penetration testers and security researchers. It automatically identifies 180+ content management systems (WordPress, Joomla, Drupal, Magento, etc.) and provides vulnerability scanning with automatic exploit suggestions. The tool streamlines reconnaissance and vulnerability assessment during security audits.

Installation

섹션 제목: “Installation”

Prerequisites

섹션 제목: “Prerequisites”
  • Python 3.x
  • Git
  • pip

Basic Installation

섹션 제목: “Basic Installation”
git clone https://github.com/Tuhinshubhra/CMSeeK.git
cd CMSeeK
pip install -r requirements.txt
python3 cmseek.py

On Linux/macOS

섹션 제목: “On Linux/macOS”
chmod +x cmseek.py
python3 cmseek.py -u http://target.com

Docker Installation

섹션 제목: “Docker Installation”
docker pull tuhinshubhra/cmseek
docker run -it tuhinshubhra/cmseek python3 cmseek.py -u http://target.com

Basic Usage

섹션 제목: “Basic Usage”
CommandDescription
python3 cmseek.py -u <url>Detect CMS on target URL
python3 cmseek.py -u <url> -vVerbose output with detailed info
python3 cmseek.py -u <url> --followFollow redirects
python3 cmseek.py -u <url> --timeout 20Set custom timeout in seconds
python3 cmseek.py --helpDisplay help menu

CMS Detection

섹션 제목: “CMS Detection”

Single URL Detection

섹션 제목: “Single URL Detection”
python3 cmseek.py -u http://example.com

Output includes:

  • CMS name and version
  • Detection confidence
  • Admin panel location
  • Vulnerable components
  • Recommended exploits

With Custom User-Agent

섹션 제목: “With Custom User-Agent”
python3 cmseek.py -u http://example.com -a "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"

Scan Multiple URLs from File

섹션 제목: “Scan Multiple URLs from File”
python3 cmseek.py -l urls.txt

Create urls.txt:

http://target1.com
http://target2.com
http://target3.com

Vulnerability Scanning

섹션 제목: “Vulnerability Scanning”

Basic Vulnerability Scan

섹션 제목: “Basic Vulnerability Scan”
python3 cmseek.py -u http://example.com --cms wordpress

Force CMS Type

섹션 제목: “Force CMS Type”
python3 cmseek.py -u http://example.com --force-cms joomla

Supported CMS platforms:

  • WordPress
  • Joomla
  • Drupal
  • Magento
  • OpenCart
  • PrestaShop
  • Concrete5
  • Ghost
  • Typo3

Output Results

섹션 제목: “Output Results”
python3 cmseek.py -u http://example.com -o report.html

Advanced Options

섹션 제목: “Advanced Options”

Proxy Configuration

섹션 제목: “Proxy Configuration”
python3 cmseek.py -u http://example.com --proxy http://127.0.0.1:8080

SOCKS5 Proxy

섹션 제목: “SOCKS5 Proxy”
python3 cmseek.py -u http://example.com --socks5 127.0.0.1:1080

SSL/TLS Options

섹션 제목: “SSL/TLS Options”
python3 cmseek.py -u https://example.com --no-ssl-verify
python3 cmseek.py -u https://example.com --cert /path/to/cert.pem

Batch Scanning with Options

섹션 제목: “Batch Scanning with Options”
python3 cmseek.py -l urls.txt --follow --timeout 15 -v

WordPress Detection

섹션 제목: “WordPress Detection”

WordPress-Specific Scanning

섹션 제목: “WordPress-Specific Scanning”
python3 cmseek.py -u http://example.com --cms wordpress

CMSeeK detects:

  • WordPress version
  • Active plugins
  • Active themes
  • Vulnerable plugins
  • Admin panel location (usually /wp-admin/)

WordPress Enumeration

섹션 제목: “WordPress Enumeration”
python3 cmseek.py -u http://example.com -e wordpress

Joomla Detection

섹션 제목: “Joomla Detection”

Joomla CMS Detection

섹션 제목: “Joomla CMS Detection”
python3 cmseek.py -u http://example.com --cms joomla

Identifies:

  • Joomla version
  • Installed components
  • Vulnerable extensions
  • Administrator panel

Joomla-Specific Vulnerability Check

섹션 제목: “Joomla-Specific Vulnerability Check”
python3 cmseek.py -u http://example.com --force-cms joomla --vuln

Drupal Detection

섹션 제목: “Drupal Detection”

Drupal CMS Identification

섹션 제목: “Drupal CMS Identification”
python3 cmseek.py -u http://example.com --cms drupal

Detects:

  • Drupal version
  • Installed modules
  • Vulnerable modules
  • Core vulnerabilities

Module Enumeration

섹션 제목: “Module Enumeration”
python3 cmseek.py -u http://example.com -e drupal-modules

Vulnerability Exploitation

섹션 제목: “Vulnerability Exploitation”

Automatic Exploit Suggestions

섹션 제목: “Automatic Exploit Suggestions”
python3 cmseek.py -u http://example.com --exploit

CMSeeK provides:

  • CVE numbers
  • Vulnerability descriptions
  • PoC links
  • Remediation steps

Get Exploits for Detected Vulnerabilities

섹션 제목: “Get Exploits for Detected Vulnerabilities”
python3 cmseek.py -u http://example.com -e all

Custom Exploit Database

섹션 제목: “Custom Exploit Database”
python3 cmseek.py -u http://example.com --db /custom/exploits/

Output and Reporting

섹션 제목: “Output and Reporting”

HTML Report Generation

섹션 제목: “HTML Report Generation”
python3 cmseek.py -u http://example.com -o results.html

JSON Output

섹션 제목: “JSON Output”
python3 cmseek.py -u http://example.com -j results.json

CSV Export

섹션 제목: “CSV Export”
python3 cmseek.py -l urls.txt -c results.csv

Verbose Console Output

섹션 제목: “Verbose Console Output”
python3 cmseek.py -u http://example.com -v

Configuration

섹션 제목: “Configuration”

Config File Location

섹션 제목: “Config File Location”
~/.cmseek/config.conf

Common Settings

섹션 제목: “Common Settings”
[DEFAULT]
timeout = 10
follow_redirects = true
user_agent = custom_ua
proxy = http://127.0.0.1:8080
threads = 5

Custom Configuration File

섹션 제목: “Custom Configuration File”
python3 cmseek.py -u http://example.com --config custom.conf

Performance Tuning

섹션 제목: “Performance Tuning”

Multi-threading for Batch Operations

섹션 제목: “Multi-threading for Batch Operations”
python3 cmseek.py -l urls.txt --threads 10

Timeout Configuration

섹션 제목: “Timeout Configuration”
python3 cmseek.py -u http://example.com --timeout 30

Connection Pooling

섹션 제목: “Connection Pooling”
python3 cmseek.py -l urls.txt --keepalive

Security Headers Detection

섹션 제목: “Security Headers Detection”

Scan Security Headers

섹션 제목: “Scan Security Headers”
python3 cmseek.py -u http://example.com --headers

Checks for:

  • X-Frame-Options
  • Content-Security-Policy
  • X-Content-Type-Options
  • HSTS

Custom Header Scanning

섹션 제목: “Custom Header Scanning”
python3 cmseek.py -u http://example.com --header "Authorization: Bearer token"

Filtering and Targeting

섹션 제목: “Filtering and Targeting”

Skip Certain CMS Types

섹션 제목: “Skip Certain CMS Types”
python3 cmseek.py -u http://example.com --skip wordpress,joomla

Target Specific CMS Only

섹션 제목: “Target Specific CMS Only”
python3 cmseek.py -u http://example.com --only drupal

URL Pattern Filtering

섹션 제목: “URL Pattern Filtering”
python3 cmseek.py -l urls.txt --filter "*.edu"

Common Workflows

섹션 제목: “Common Workflows”

Complete Reconnaissance

섹션 제목: “Complete Reconnaissance”
python3 cmseek.py -u http://example.com -v -e all -o report.html

Batch Site Auditing

섹션 제목: “Batch Site Auditing”
python3 cmseek.py -l sites.txt --threads 5 -o results.html

Vulnerability Assessment

섹션 제목: “Vulnerability Assessment”
python3 cmseek.py -u http://example.com --cms wordpress --vuln --exploit

CMS Version Detection Only

섹션 제목: “CMS Version Detection Only”
python3 cmseek.py -u http://example.com --version-only

Troubleshooting

섹션 제목: “Troubleshooting”

Connection Timeout Issues

섹션 제목: “Connection Timeout Issues”
python3 cmseek.py -u http://example.com --timeout 60 --follow

SSL Certificate Errors

섹션 제목: “SSL Certificate Errors”
python3 cmseek.py -u https://example.com --no-ssl-verify

Proxy Authentication

섹션 제목: “Proxy Authentication”
python3 cmseek.py -u http://example.com --proxy http://user:pass@127.0.0.1:8080

Update Exploit Database

섹션 제목: “Update Exploit Database”
python3 cmseek.py --update-db

Detection Signatures

섹션 제목: “Detection Signatures”

WordPress Detection Methods

섹션 제목: “WordPress Detection Methods”
# Checks wp-content directory
# Looks for wp-includes files
# Scans readme.html
# Identifies wp-admin panel

Joomla Detection Methods

섹션 제목: “Joomla Detection Methods”
# Checks media/jui/css
# Scans robots.txt patterns
# Looks for administrator panel
# Detects Joomla version patterns

General Detection

섹션 제목: “General Detection”

CMSeeK uses:

  • HTTP header analysis
  • Source code fingerprinting
  • Cookie patterns
  • Directory enumeration
  • Version detection signatures

Best Practices

섹션 제목: “Best Practices”
  1. Always obtain authorization before scanning production systems
  2. Use appropriate timeouts to avoid overwhelming target servers
  3. Respect rate limits when scanning multiple URLs
  4. Review results carefully - false positives can occur
  5. Keep exploit database updated regularly
  6. Use proxies/VPNs to maintain operational security
  7. Document all findings in reports
섹션 제목: “Legal Considerations”

CMSeeK is designed for authorized security testing only. Ensure you have explicit permission from the system owner before conducting vulnerability assessments. Unauthorized access to computer systems is illegal.

Resources

섹션 제목: “Resources”