cmsmap's Issues

xargs: illegal option -- r on OSX

Issue Details

CMSmap Version: 59dd0e2
CMS Type: Drupal 7
CMS Version: 7.44
OS Information: OSX 10.14.6

Steps to reproduce the issue

Run cmsmap against a Drupal site.
The issue is the following:
xargs: illegal option -- r
usage: xargs [-0opt] [-E eofstr] [-I replstr [-R replacements]] [-J replstr]
[-L number] [-n number [-x]] [-P maxprocs] [-s size]
[utility [argument ...]]
xargs: illegal option -- r
usage: xargs [-0opt] [-E eofstr] [-I replstr [-R replacements]] [-J replstr]
[-L number] [-n number [-x]] [-P maxprocs] [-s size]
[utility [argument ...]]

Update

Hello,
User input is still needed for the update even after providing the -U flag. Can you please let me know what's the proper flag to use?

URL can't contain control characters [FIX]

self.response = urllib.request.urlopen(self.req, context=self.ctx)

When I run CMSmap and it's checking for plugins, there is a plugin path that has a space in its name, and then the program throws an exception "http.client.InvalidURL: URL can't contain control characters.", so I debugged the line like below

Before:
self.response = urllib.request.urlopen(self.req, context=self.ctx)
self.response = urllib.request.urlopen(self.req)

After:
from urllib import parse
self.response = urllib.request.urlopen(url=parse.quote_plus(self.req.get_full_url(), safe=':/'), context=self.ctx)
self.response = urllib.request.urlopen(url=parse.quote_plus(self.req.get_full_url(), safe=':/'))

There are actually 5 other self.response occurrences; you can update all of them.
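An added example, not part of the post above and not CMSmap's own code: one way to percent-encode a wordlist entry before it reaches `urllib.request.urlopen`, so that spaces and non-ASCII bytes no longer trip `http.client`'s request-target check. The constants `PLUGIN_PATH` and `PLUGIN_PATH_END`, the host `example.test` and all function names are assumptions; the `quote_plus` call shape from the post is included for comparison, since it turns a space into `+` and also encodes `?` and `=`.

```python
import re
from urllib.parse import quote, quote_plus, urlsplit, urlunsplit

# Same character class http.client refuses in a request target.
_DISALLOWED = re.compile(r"[\x00-\x20\x7f]")

# Assumed layout of a WordPress plugin probe (hypothetical constants).
PLUGIN_PATH = "/wp-content/plugins/"
PLUGIN_PATH_END = "/"


def would_be_rejected(url: str) -> bool:
    """True if the URL holds a space/control character or is not pure ASCII."""
    return bool(_DISALLOWED.search(url)) or not url.isascii()


def encode_request_url(url: str) -> str:
    """Percent-encode only the path and query; scheme and host are untouched.

    '%' is treated as safe so an already-encoded URL is not encoded twice.
    The fragment is dropped because it is never sent in an HTTP request.
    """
    parts = urlsplit(url)
    path = quote(parts.path, safe="/%")
    query = quote(parts.query, safe="=&%+/?:@,;")
    return urlunsplit((parts.scheme, parts.netloc, path, query, ""))


def plugin_probe_url(base: str, name: str) -> str:
    """Build one probe URL with the wordlist entry as a single path segment.

    safe="" means '/', '?' and '#' inside the entry cannot change the path,
    add a query string or start a fragment.
    """
    return base.rstrip("/") + PLUGIN_PATH + quote(name, safe="") + PLUGIN_PATH_END


def quote_plus_whole_url(url: str) -> str:
    """The quote_plus call shape from the post, kept for comparison."""
    return quote_plus(url, safe=":/")


# Constructed sample input: the entry from the tracebacks plus two edge cases.
SAMPLE_WORDLIST = ["akismet", "worprees plugin bug dar", "k\u00e4se", "a/b?c"]

if __name__ == "__main__":
    base = "https://example.test"
    for name in SAMPLE_WORDLIST:
        raw = base + PLUGIN_PATH + name + PLUGIN_PATH_END
        print(f"{raw!r}\n  rejected as-is: {would_be_rejected(raw)}"
              f"\n  encoded: {plugin_probe_url(base, name)}")
```

Encoding the entry at the point where it is joined into the URL (`plugin_probe_url`) keeps the fix in one place instead of at every `urlopen` call.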

when i run the cmsmap I get the following request

Issue Details

CMSmap Version:
CMS Type:
CMS Version:
Plugin Name:
OS Information:

Steps to reproduce the issue

Describe how to reproduce the issue

Expected behaviour

Describe how CMSmap should have handled the issue

Issues with exploiting plugins

Issue Details

CMSmap Version: up to date
CMS Type: WordPress
CMS Version: identified in WPScan = 5.7.2
Plugin Name: exploits
OS Information: kali 20.4

Steps to reproduce the issue

With my authorization to test a client, I performed a basic scan with no exploits. Found X-Frame Options not enforced, and robots.txt found. Therefore, I'm looking to see what exploits would be produced removing the -E flag. I tried multiple variation options such as -f W -F -d combinations and still received missing plugin outputs:

Also, ensured the config leveraged APT and usr/share/exploitdb was set correctly
sudo python3 cmsmap.py https://clientname.org
scan ran and detected the Xframe and robots file but couldn't exploit or provide further results:

cmsmap.py https://targetedclient.org -f W -F -x -d -o LSoutput1.txt
[-] Date & Time: 16/06/2021 11:21:26
[I] Threads: 5
[-] Target: https://redacted.to.protect.clientname
[I] Server: nginx
[I] X-Powered-By: WP Engine
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: https://redacted.org/robots.txt
[I] CMS Detection: WordPress
[I] Wordpress Theme: redacted

Traceback (most recent call last):
File "/opt/CMSmap/cmsmap.py", line 25, in <module>
main()
File "/opt/CMSmap/cmsmap/main.py", line 174, in main
scanner.RunScanner()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 38, in RunScanner
self.FindCMSType()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 119, in FindCMSType
self.ForceCMSType()
File "/opt/CMSmap/cmsmap/lib/scanner.py", line 49, in ForceCMSType
wpscan.WPrun()
File "/opt/CMSmap/cmsmap/lib/wpscan.py", line 48, in WPrun
self.WPConfigFiles()
File "/opt/CMSmap/cmsmap/lib/wpscan.py", line 125, in WPConfigFiles
requester.request(self.url + "/wp-config" + file, data=None)
File "/opt/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.9/urllib/request.py", line 214, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.9/urllib/request.py", line 517, in open
response = self._open(req, data)
File "/usr/lib/python3.9/urllib/request.py", line 534, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/lib/python3.9/urllib/request.py", line 494, in _call_chain
result = func(*args)
File "/usr/lib/python3.9/urllib/request.py", line 1389, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/lib/python3.9/urllib/request.py", line 1350, in do_open
r = h.getresponse()
File "/usr/lib/python3.9/http/client.py", line 1347, in getresponse
response.begin()
File "/usr/lib/python3.9/http/client.py", line 307, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.9/http/client.py", line 276, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response

Describe how to reproduce the issue
see above.

Expected behaviour

not sure, but expected some results, not traceback errors

Describe how CMSmap should have handled the issue
First time running into this issue, or leveraging CMSmap without the -E

Name or service not known

./cmsmap.py http://gevpgkrb.ac.in
[-] Date & Time: 13/04/2019 20:23:16
Traceback (most recent call last):
File "/root/Desktop/CMSmap/cmsmap/main.py", line 168, in main
addr = socket.gethostbyname(urlparse(args.target).hostname)
socket.gaierror: [Errno -2] Name or service not known

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "./cmsmap.py", line 25, in <module>
main()
File "/root/Desktop/CMSmap/cmsmap/main.py", line 180, in main
msg = "Unable to resolve: " + scanner.url
TypeError: must be str, not NoneType

RunScanner self.ForceCMSType()

OS; Linux parrot 4.17.0-parrot17-amd64 #1 SMP Parrot 4.17.17-1parrot17 (2018-08-27) x86_64 GNU/Linux

enter the command: python3 cmsmap.py -i drupal.txt -o good.txt
(drupal.txt have the form:
http://site1.com
http://site2.com
http://site3.com
http://*******.com)

└──╼ $python3 cmsmap.py -i drupal.txt -o good.txt
[-] Date & Time: 22/10/2018 13:44:07
[I] Threads: 5
[-] Target: http://site1.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site1.com
[I] Server: nginx/1.14.0
[I] X-Powered-By: PHP/5.3.29
[L] X-Generator: Drupal 7 (http://drupal.org)
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site1.com/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.41
[M] EDB-ID: 44448 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)"
[M] EDB-ID: 44449 "Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution"
[M] EDB-ID: 44482 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)"
[M] EDB-ID: 44542 "Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC)"
[M] EDB-ID: 44557 "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)"
[I] Drupal Theme: bartik
[-] Enumerating Drupal Usernames via "Views" Module...
[-] Enumerating Drupal Usernames via "Blog" Module...
[-] Enumerating Drupal Usernames via "/user/"...
[I] Autocomplete Off Not Found: http://site1.com/user/
[-] Drupal Default Files:
[-] Drupal is likely to have a large number of default files
[-] Would you like to list them all?
[y/N]: N
[I] Forgotten Password Allows Username Enumeration: http://site1.com/user/password
[-] Search Drupal Modules ...
[I] book
[I] comment
[I] content
[I] ctools
[I] field
[I] jcaption
[I] jquery_update
[I] node
[I] panels
[I] responsive
[I] search
[I] system
[I] user
[I] views
[I] Checking for Directory Listing Enabled ...
[I] Threads: 5
[-] Target: http://site2.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site2.com
[I] Server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30
[I] X-Powered-By: PHP/5.4.30
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site2.com/robots.txt
[I] CMS Detection: Drupal
Traceback (most recent call last):
File "cmsmap.py", line 25, in <module>
main()
File "/home/max/Desktop/CMSmap/cmsmap/main.py", line 154, in main
scanner.RunScanner()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
self.ForceCMSType()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 61, in ForceCMSType
druscan.Drurun()
File "/home/max/Desktop/CMSmap/cmsmap/lib/druscan.py", line 35, in Drurun
self.DruVersion()
TypeError: 'str' object is not callable

Issue Details

CMSmap Version: recent version

What to do and how to be?

"worprees plugin bug dar" directory contains unmasked control characters

Issue Details

CMSmap Version: v1.0
CMS Type: Wordpress
CMS Version: 2.7.1
Plugin Name: -
OS Information: CentOS 8

Getting strange error with control characters in URLs after updating ExploitDB.

Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib64/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/opt/CMSmap/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/opt/CMSmap/cmsmap/lib/requester.py", line 29, in request
self.response = urllib.request.urlopen(self.req, context=self.ctx)
File "/usr/lib64/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib64/python3.6/urllib/request.py", line 526, in open
response = self._open(req, data)
File "/usr/lib64/python3.6/urllib/request.py", line 544, in _open
'_open', req)
File "/usr/lib64/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib64/python3.6/urllib/request.py", line 1361, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/lib64/python3.6/urllib/request.py", line 1318, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "/usr/lib64/python3.6/http/client.py", line 1254, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib64/python3.6/http/client.py", line 1265, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib64/python3.6/http/client.py", line 1127, in putrequest
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '.../wp-content/plugins/worprees plugin bug dar/' (found at least ' ')

WP Plugin scan error "URL can't contain control characters."

Issue Details

CMSmap Version: 1.0
CMS Type: WordPress
CMS Version: 5.5.1
Plugin Name: ...
OS Information: Ubuntu 18.04/Apache/2.4.29

Steps to reproduce the issue

Fresh install, run it on my WP installation

Expected behaviour

Run the scanner

What went wrong

Python error:
Traceback (most recent call last):
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/usr/local/lib/python3.8/site-packages/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/usr/local/lib/python3.8/site-packages/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 222, in urlopen
return opener.open(url, data, timeout)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 542, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 502, in _call_chain
result = func(*args)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1393, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/urllib/request.py", line 1350, in do_open
h.request(req.get_method(), req.selector, req.data, headers,
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1255, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1266, in _send_request
self.putrequest(method, url, **skips)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1100, in putrequest
self._validate_path(url)
File "/usr/local/Cellar/python@3.8/3.8.5/Frameworks/Python.framework/Versions/3.8/lib/python3.8/http/client.py", line 1200, in _validate_path
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')

R

cmsmap/tmp/

runtime error

CMSmap Version: v1.0
OS Information: Kali Linux 2018.3

The following error was received while scanning the target; can someone please help to resolve the issue?

[I] CMS Detection: WordPress
Traceback (most recent call last):
File "/root/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.6/urllib/request.py", line 532, in open
response = meth(req, response)
File "/usr/lib/python3.6/urllib/request.py", line 642, in http_response
'http', request, response, code, msg, hdrs)
File "/usr/lib/python3.6/urllib/request.py", line 570, in error
return self._call_chain(*args)
File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib/python3.6/urllib/request.py", line 650, in http_error_default
raise HTTPError(req.full_url, code, msg, hdrs, fp)
urllib.error.HTTPError: HTTP Error 404: Not Found

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3.6/http/client.py", line 546, in _get_chunk_left
chunk_left = self._read_next_chunk_size()
File "/usr/lib/python3.6/http/client.py", line 513, in _read_next_chunk_size
return int(line, 16)
ValueError: invalid literal for int() with base 16: b''

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/lib/python3.6/http/client.py", line 563, in _readall_chunked
chunk_left = self._get_chunk_left()
File "/usr/lib/python3.6/http/client.py", line 548, in _get_chunk_left
raise IncompleteRead(b'')
http.client.IncompleteRead: IncompleteRead(0 bytes read)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "cmsmap.py", line 25, in <module>
main()
File "/root/CMSmap/cmsmap/main.py", line 174, in main
scanner.RunScanner()
File "/root/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
self.ForceCMSType()
File "/root/CMSmap/cmsmap/lib/scanner.py", line 49, in ForceCMSType
wpscan.WPrun()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 48, in WPrun
self.WPConfigFiles()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 125, in WPConfigFiles
requester.request(self.url + "/wp-config" + file, data=None)
File "/root/CMSmap/cmsmap/lib/requester.py", line 38, in request
self.htmltext = e.read().decode('utf-8', 'ignore')
File "/usr/lib/python3.6/tempfile.py", line 624, in func_wrapper
return func(*args, **kwargs)
File "/usr/lib/python3.6/http/client.py", line 456, in read
return self._readall_chunked()
File "/usr/lib/python3.6/http/client.py", line 570, in _readall_chunked
raise IncompleteRead(b''.join(value))
http.client.IncompleteRead: IncompleteRead(1245 bytes read)

SSL CERTIFICATE ERROR

[ERROR] [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1123)

searchsploit argument changed to --disable-colour

Issue Details

CMSmap Version: CMSmap tool v1.0 - Simple CMS Scanne
CMS Type: Joomla
CMS Version: Joomla Version: 3.8.8
Plugin Name:
OS Information:

Steps to reproduce the issue

install exploitdb with searchsploit
run the cmsmap and see errors when searchsploit is called

Expected behaviour

No searchsploit usage

Fix

Had to change a file in cmsmap/lib/exploitdbsearch.py
The colour parameter had to be changed
self.grepCMD = self.searchsploit+" --disable-colour " ...

cmsmap.map import error

Last version Kali and CMSmap

root@kali:~/CMSmap# python cmsmap.py -t https://example.com
Traceback (most recent call last):
File "cmsmap.py", line 4, in <module>
from cmsmap.main import main
File "/root/CMSmap/cmsmap/main.py", line 4, in <module>
from urllib.parse import urlparse
ImportError: No module named parse

Any help?

CMS map doesn't find drupal by default but does when we force it

Issue Details

CMSmap Version: v1.0
CMS Type: Drupal
CMS Version: 7.28
Plugin Name: drupal
OS Information: archlinux

CMS map doesn't find drupal by default but does when we force it.

$ python3 ~/CTF/tools/cmsmap/cmsmap.py http://10.x.x.x
[I] Threads: 5
...
[-] Target: http://10.x.x.x (10.x.x.x)
[M] Website Not in HTTPS: http://10.x.x.x
[I] Server: Microsoft-IIS/8.5
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: http://10.11.1.49/robots.txt
[ERROR] CMS detection failed :(
[ERROR] Use -f to force CMSmap to scan (W)ordpress, (J)oomla or (D)rupal

$ python3 ~/CTF/tools/cmsmap/cmsmap.py http://10.x.x.x -f D
[-] Date & Time: 15/06/2019 00:17:47
[I] Threads: 5
[-] Target: http://10.x.x.x (10.x.x.x)
[M] Website Not in HTTPS: http://10.x.x.x
[I] Server: Microsoft-IIS/8.5
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[I] X-Content-Type-Options: Not Enforced
[L] Robots.txt Found: http://10.x.x.x/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.28
...

Steps to reproduce the issue

  • clone cmsmap
  • clone exploitdb
  • modify cmsmap config
  • launch cmsmap

Expected behaviour

Detect CMS type and version by default

Crash when searching moodle vuln

Issue Details

CMSmap Version: current
CMS Type: moodle, but the tool says wordpress
CMS Version: crash
Plugin Name: cmsmap crashes when searching plugins
OS Information: ubuntu 16.04

Steps to reproduce the issue

Describe how to reproduce the issue
cmsmap https://dominioalvo/moodle/index.php

Expected behaviour

Describe how CMSmap should have handled the issue
Return vulnerabilities

Issue

[-] Default WordPress Files:
[-] Searching Wordpress Plugins ...
77%Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/usr/local/lib/python3.6/dist-packages/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/usr/local/lib/python3.6/dist-packages/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.6/urllib/request.py", line 223, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.6/urllib/request.py", line 526, in open
response = self._open(req, data)
File "/usr/lib/python3.6/urllib/request.py", line 544, in _open
'_open', req)
File "/usr/lib/python3.6/urllib/request.py", line 504, in _call_chain
result = func(*args)
File "/usr/lib/python3.6/urllib/request.py", line 1368, in https_open
context=self._context, check_hostname=self._check_hostname)
File "/usr/lib/python3.6/urllib/request.py", line 1325, in do_open
encode_chunked=req.has_header('Transfer-encoding'))
File "/usr/lib/python3.6/http/client.py", line 1264, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.6/http/client.py", line 1275, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib/python3.6/http/client.py", line 1129, in putrequest
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/moodle/index.php/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')

UnicodeDecodeError while running ./cmsmap.py

Issue Details

CMSmap Version: what I got from git
CMS Type: wordpress
CMS Version:
Plugin Name:
OS Information:
[641] 0 08:42:30 root@xxx:~/CMSmap lsb_release -a
No LSB modules are available.
Distributor ID: TurnKey
Description: TurnKey GNU/Linux 9.12 (stretch)
Release: 9.12
Codename: stretch

Steps to reproduce the issue

I downloaded the git version and entered the dir and ran ./cmsmap.py and I got a stack trace:
[637] 0 08:40:16 root@xxx:~/CMSmap ./cmsmap.py
Traceback (most recent call last):
File "./cmsmap.py", line 4, in <module>
from cmsmap.main import main
File "/root/CMSmap/cmsmap/main.py", line 9, in <module>
from .lib.scanner import scanner
File "/root/CMSmap/cmsmap/lib/scanner.py", line 7, in <module>
from .wpscan import wpscan
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 344, in <module>
wpscan = WPScan()
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 35, in __init__
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "/root/CMSmap/cmsmap/lib/wpscan.py", line 35, in <listcomp>
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "/usr/lib/python3.5/encodings/ascii.py", line 26, in decode
return codecs.ascii_decode(input, self.errors)[0]
UnicodeDecodeError: 'ascii' codec can't decode byte 0xe4 in position 4533: ordinal not in range(128)

Content of cmsmap.conf is
[exploitdb]
edbtype = GIT
edbpath = /opt/exploit-database/

Expected behaviour

At least a help page but it doesn't work :(

For any more info, please ask.

TypeError: gethostbyname

Issue Details

CMSmap Version: v1.0
CMS Type: non specified
CMS Version:
Plugin Name:
OS Information: Kali latest

Steps to reproduce the issue

root@kali:~/CMSmap# cmsmap webserver.here
[-] Date & Time: 12/12/2019 21:38:25
Traceback (most recent call last):
File "/usr/local/bin/cmsmap", line 10, in <module>
sys.exit(main())
File "/usr/local/lib/python3.7/dist-packages/cmsmap/main.py", line 168, in main
addr = socket.gethostbyname(urlparse(args.target).hostname)
TypeError: gethostbyname() argument 1 must be str, bytes or bytearray, not None

Describe how to reproduce the issue

Expected behaviour

Describe how CMSmap should have handled the issue
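An added example, not CMSmap's code, covering this report and the earlier "Name or service not known" one: `urlparse("webserver.here").hostname` is `None` because a target without a scheme is parsed entirely as a path, and the error message has to be built from a value that is known to be a string. The names `Target`, `parse_target`, `resolve_target`, `FAKE_DNS` and `fake_resolver` are assumptions, and the resolver is injected so the sample runs without DNS.

```python
import socket
from typing import Callable, NamedTuple, Optional
from urllib.parse import urlsplit


class Target(NamedTuple):
    url: Optional[str]
    host: Optional[str]
    addr: Optional[str]
    error: Optional[str]  # None when the target is usable


def parse_target(raw: str, default_scheme: str = "http") -> Target:
    """Turn user input into (url, host) or an error string, never None + crash."""
    text = (raw or "").strip()
    if not text:
        return Target(None, None, None, "Empty target")
    # Without "scheme://", urlsplit() puts the whole string in .path and
    # leaves .hostname as None, which is what reached gethostbyname().
    if "://" not in text:
        text = f"{default_scheme}://{text}"
    parts = urlsplit(text)
    if parts.scheme not in ("http", "https"):
        return Target(None, None, None, f"Unsupported scheme: {parts.scheme!r}")
    if not parts.hostname:
        return Target(None, None, None, f"No hostname in target: {raw!r}")
    return Target(parts.geturl(), parts.hostname, None, None)


def resolve_target(raw: str,
                   resolver: Callable[[str], str] = socket.gethostbyname) -> Target:
    """Parse, then resolve; a DNS failure becomes an error string, not a traceback."""
    target = parse_target(raw)
    if target.error:
        return target
    try:
        addr = resolver(target.host)
    except (socket.gaierror, UnicodeError) as exc:
        # The message uses the parsed host, which is always a str here.
        return target._replace(error=f"Unable to resolve: {target.host} ({exc})")
    return target._replace(addr=addr)


# Constructed stand-in for DNS so the example runs offline.
FAKE_DNS = {"webserver.here": "192.0.2.10"}


def fake_resolver(host: str) -> str:
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise socket.gaierror(-2, "Name or service not known") from None


if __name__ == "__main__":
    for raw in ("webserver.here", "http://unknown.example.test", "", "ftp://webserver.here"):
        print(repr(raw), "->", resolve_target(raw, fake_resolver))
```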

runtime error

Issue Details

CMSmap Version: 1.0
CMS Type:
CMS Version:
Plugin Name:
OS Information: windows 10 Enterprise Edition 1903

Steps to reproduce the issue

py cmamap.py target

Expected behaviour

Traceback (most recent call last):
File "cmsmap.py", line 4, in <module>
from cmsmap.main import main
File "E:\CMSmap\cmsmap\main.py", line 9, in <module>
from .lib.scanner import scanner
File "E:\CMSmap\cmsmap\lib\scanner.py", line 7, in <module>
from .wpscan import wpscan
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 344, in <module>
wpscan = WPScan()
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 35, in __init__
self.themes = [line.strip() for line in open(initializer.wp_themes)]
File "E:\CMSmap\cmsmap\lib\wpscan.py", line 35, in <listcomp>
self.themes = [line.strip() for line in open(initializer.wp_themes)]
UnicodeDecodeError: 'gbk' codec can't decode byte 0xad in position 4899: illegal multibyte sequence

Error when searching for wordpress plugin

┌──(root💀localhost)-[/home/kali/CMSmap]
└─# python3 cmsmap.py https://hackertarget.com
[-] Date & Time: 04/06/2021 20:03:46
[I] Threads: 5
[-] Target: https://hackertarget.com (35.190.61.45)
[I] Server: nginx
[L] X-Frame-Options: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: https://hackertarget.com/robots.txt
[I] CMS Detection: WordPress
[-] WordPress usernames identified:
[M] jody-admin
[M] the admin
[M] XML-RPC services are enabled
[I] Autocomplete Off Not Found: https://hackertarget.com/wp-login.php
[-] Default WordPress Files:
[-] Searching Wordpress Plugins ...
80%Exception in thread Thread-5:
Traceback (most recent call last):
File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
self.run()
File "/home/kali/CMSmap/cmsmap/lib/threadscanner.py", line 30, in run
requester.request(self.url + self.pluginPath + plugin + self.pluginPathEnd, data=None)
File "/home/kali/CMSmap/cmsmap/lib/requester.py", line 31, in request
self.response = urllib.request.urlopen(self.req)
File "/usr/lib/python3.8/urllib/request.py", line 222, in urlopen
return opener.open(url, data, timeout)
File "/usr/lib/python3.8/urllib/request.py", line 525, in open
response = self._open(req, data)
File "/usr/lib/python3.8/urllib/request.py", line 542, in _open
result = self._call_chain(self.handle_open, protocol, protocol +
File "/usr/lib/python3.8/urllib/request.py", line 502, in _call_chain
result = func(*args)
File "/usr/lib/python3.8/urllib/request.py", line 1393, in https_open
return self.do_open(http.client.HTTPSConnection, req,
File "/usr/lib/python3.8/urllib/request.py", line 1350, in do_open
h.request(req.get_method(), req.selector, req.data, headers,
File "/usr/lib/python3.8/http/client.py", line 1255, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib/python3.8/http/client.py", line 1266, in _send_request
self.putrequest(method, url, **skips)
File "/usr/lib/python3.8/http/client.py", line 1100, in putrequest
self._validate_path(url)
File "/usr/lib/python3.8/http/client.py", line 1200, in _validate_path
raise InvalidURL(f"URL can't contain control characters. {url!r} "
http.client.InvalidURL: URL can't contain control characters. '/wp-content/plugins/worprees plugin bug dar/' (found at least ' ')
99%^

edbpath Error

I can't exec, every time I get this error:

[-] Date & Time: 20/04/2019 02:04:19
[ERROR] ExploitDB Git repository was not found
[-] Clone ExploitDB repository: git clone https://github.com/offensive-security/exploit-database
[-] Then set the ExploitDB path "edbpath" in cmsmap.conf
[-] ie: edbpath = /opt/exploitdb/

I'm using a Mac, and I updated the path in the file. What else can it be?
Please let me know.

Value error

Issue Details

CMSmap Version: Newest
CMS Type: scan
CMS Version: Newest
Plugin Name:
OS Information: Kali linux 2018.2 debian

Steps to reproduce the issue

python3 cmsmap.py -t lyceum.univer.kharkov.ua -f J -F noedb

Traceback (most recent call last):
File "cmsmap.py", line 25, in <module>
main()
File "/root/CMSmap/cmsmap/main.py", line 84, in main
initializer.threads = int(args.threads)
ValueError: invalid literal for int() with base 10: 'lyceum.univer.kharkov.ua'

Expected behaviour

Describe how CMSmap should have handled the issue

Since update I get thousands of exploit db notices

Issue Details

CMSmap Version: CMSmap tool v1.0
CMS Type: all
CMS Version: all
Plugin Name: cmsmap.py
OS Information: CentOS 7

Steps to reproduce the issue

python3 cmsmap.py [url]

Then we get thousands of these notices:
[i] Found (#1): /home/merlinwoff/exploitdb/files_exploits.csv
[i] To remove this message, please edit "/home/merlinwoff/exploitdb/.searchsploit_rc" for "files_exploits.csv" (package_array: exploitdb)

This has happened since it asked me if I want to update and I said yes.

Does anyone know this issue?

(I am using a cloned git of exploit db, since I am on centos and not on kali)

CMSmap can't work on archlinux

Issue Details

Related blackarch issue: BlackArch/blackarch#2365

It is currently impossible to use cmsmap on BlackArch Linux without root permissions because /usr/lib/python3.7/site-packages/cmsmap/ is write protected and cmsmap tries to write in it, for example wp_plugins_small.txt.

Why is wp_plugins_small.txt not already in https://github.com/Dionach/CMSmap/tree/master/cmsmap/data ?

Also, on Arch-based distros exploitdb was installed with pacman, not apt-get or git, so we can't use git to update either. So neither edbtype = APT nor edbtype = GIT can work.

URL can't contain control characters

Issue Details

CMSmap Version: downloaded from git
CMS Type:
CMS Version:
Plugin Name:
OS Information: Lin

Steps to reproduce the issue

When running against a URL I get problems with the plugin part.
"http.client.InvalidURL: URL can't contain control characters. /wp-content/plugins/wordprees plugin bug da/ (found at least ' ')"

Expected behaviour

Well, finish the scan normally.

I did see the solution about replacing wordprees plugin bug dar with wordpress_plugin_bug_da, but there's no file wp_plugins_small.txt, neither in my directory nor in the current code section
