小编:此次小编为大家带来了CMS渗透工具合集,包括Joomla,wordpress等著名CMS的安全检测工具,本站提供程序(方法)可能带有攻击性,仅供安全研究与教学之用,风险自负!
Joomscan [611 joomla vulnerabilities database]
Joomscan is a tool for testing vulnerabilities on websites that use ‘Joomla’. This application allows you to view or Test the website on XSS attacks, SQL Injection, LFI, RFI, Bruteforce, etc.
Manual:
http://web-center.si/Navodila-za-uporabo-win.pdf [windows]
http://web-center.si/navodilazauporabo.pdf
Joomla Security Scanner v.1.0
PenTest for XSS, SQL-Inj, CSRF, Brute Force, RFI and LFI.
JComScanner[Joomla插件识别]
Scanner components Joomla.
Use:
./jscan.py http://joomla.org ./mycomponent_list.txt
With a timeout:
./jscan.py http://joomla.org ./mycomponent_list.txt 10
#!/usr/bin/env python import os import time import random import urllib2 as u2 import argparse as ap sub_url = "/components/" #------------------------------------------------------ # Args set def add_args(): p = ap.ArgumentParser() p.add_argument("-u", help = "Remote site URL") p.add_argument("-f", help = "Joomla components list file") p.add_argument("-t", help = "Timeout (sec)") p.add_argument("-T", help = "Randomization timeout (from 0 to N)") p.add_argument("-p", help = "HTTP Proxy server (PROXY:PORT)(example: 127.0.0.1:1080)") return p.parse_args(), p #------------------------------------------------------ #------------------------------------------------------ # Timeout def timeout(args): if args.T: time.sleep(random.randint(0, int(args.T))) elif args.t: time.sleep(int(args.t)) #------------------------------------------------------ #------------------------------------------------------ # Scan through HTTP server def scan_through_proxy(args, com_name, op): try: url = args.u + sub_url + com_name op.open(url) except: raise return True #------------------------------------------------------ #------------------------------------------------------ # Scan directly def scan(args, com_name): try: url = args.u + sub_url + com_name req = u2.Request(url) u2.urlopen(req) except: raise return True #------------------------------------------------------ a, p = add_args() if not a.u or not a.f: p.print_usage() p.exit() else: if a.u.find("http://") < 0 and a.u.find("HTTP://") < 0: a.u = "http://" + a.u if not os.access(a.f, os.F_OK): print "File {} does not exit or permission denied".format(a.f) exit() print "[Joomla components scanner by R0nin]\n" print "[+] Host:", a.u try: if not a.p: with open(a.f) as com_file: for line in com_file: line = line.strip("\r\n") try: scan(a, line) except u2.HTTPError as he: if he.code == 404: print "Component: " + line.ljust(40,' ') + "[Not found]" except u2.URLError as ue: print "Exception: " + ue.reason else: print "Component: " + line.ljust(40,' ') + "[OK]" timeout(a) else: if a.p.find("http://") < 0 and a.p.find("HTTP://") < 0: a.p = "http://" + a.p prx = u2.ProxyHandler({"http":a.p}) op = u2.build_opener(prx) u2.install_opener(op) print "[Scan via HTTP proxy {}]\n".format(a.p) with open(a.f) as com_file: for line in com_file: line = line.strip("\r\n") try: scan_through_proxy(a, line, op) except u2.HTTPError as he: if he.code == 404: print "Component: " + line.ljust(40,' ') + "[Not found]" except u2.URLError as ue: print "Exception: " + ue.reason else: print "Component: " + line.ljust(40,' ') + "[OK]" timeout(a) except KeyboardInterrupt: print "\nInterrupted by user (CTRL+C or Delete)" exit() except: print "Uknown exception: exit..." exit() else: print "\n[Sucess]\n" exit()
my_component.txt:
com_aardvertiser com_addressbook com_adsmanager com_advertising com_alameda com_alfurqan15x com_allcinevid com_alphauserpoints com_amblog com_annonces com_answers com_appointinator com_arcadegames com_archeryscores com_artforms com_articleman com_beamspetition com_beeheard com_bfquiztrial com_biblioteca com_billyportfolio com_blogfactory com_booklibrary com_btg_oglas com_caddy com_calcbuilder com_camp com_cbe com_ccboard com_ccinvoices com_ccrowdsource com_cgtestimonial com_chronocontact com_cinema com_ckforms com_clan com_clanlist com_clantools com_connect com_content com_cvmaker com_dateconverter com_dcnews com_delicious com_diary com_dioneformwizard com_discussions com_djartgallery com_drawroot com_dshop com_education_classess com_elite_experts com_eportfolio com_equipment com_esearch com_event com_extcalendar com_ezautos com_fabrik com_flashgames com_flexicontent com_flipwall com_forme com_g2bridge com_gadgetfactory com_gamesbox com_gantry com_gbufacebook com_golfcourseguide com_google com_graphics com_grid com_hello com_hmcommunity com_horoscope com_huruhelpdesk com_idoblog com_if_surfalert com_img com_iproperty com_jacomment com_jce com_jdirectory com_jdownloads com_jdrugstopics com_jeauto com_jedirectory com_jeemasms com_jefaqpro com_jeguestbook com_jejob com_jepoll com_jequoteform com_jesectionfinder com_jestory com_jesubmit com_jfuploader com_jgen com_jgrid com_jimtawl com_jmarket com_jmsfileseller com_jnewsletter com_jnewspaper com_joltcard com_jomdocs com_jomsocial com_jomtube com_joomdle com_joomdocs com_joomla-visites com_joomnik com_joomradio com_joomtouch com_jphone com_jp_jobs com_jquarks4s com_jradio com_jscalendar com_jsjobs com_jstore com_jsubscription com_jsupport com_jtickets com_jtm com_konsultasi com_lead com_listbingo com_listing com_lovefactory com_maianmedia com_manager com_market com_markt com_matamko com_mediamall com_mediqna com_memory com_mmsblog com_mscomment com_mtfireeagle com_mtree com_multimap com_multiroot com_mycar com_neorecruit com_newsfeeds com_noticeboard com_obsuggest com_ongallery com_orgchart com_oziogallery2 com_packages com_pandafminigames com_pbbooking com_people com_photobattle com_photomapgallery com_picasa2gallery com_picsell com_ponygallery com_pro_desk com_qcontacts com_qpersonel com_question com_quran com_realtyna com_record com_redshop com_remository com_restaurantguide com_restaurantmenumanager com_rokmodule com_rsappt_pro com_rsappt_pro2 com_rscomments com_s2clanroster com_searchlog com_sef com_sermonspeaker com_seyret com_simpledownload com_spa com_spartsite com_spielothek com_sponsorwall com_spsnewsletter com_staticxt com_sweetykeeper com_team com_teams com_techfolio com_timereturns com_timetrack com_travelbook com_ttvideo com_ultimateportfolio com_users com_versioning com_vikrealestate com_virtuemart com_webtv com_wgpicasa com_wmi com_wmptic com_xcloner-backupandrestore com_xgallery com_xmap com_xmovie com_ybggal com_youtube com_zimbcomment com_zimbcore com_zina com_zoomprotfolio cpm_worldrates com_jesectionfinder
[wpscan] WordPress Security Scanner
WPScan is a vulnerability scanner which checks the security of WordPress installations using a black box approach.
Details:
Please use SVN to download:svn checkout http://wpscan.googlecode.com/svn/trunk/ ./wpscan
WordPress P&E
Search plugins [WordPress] and vulnerability to them.
[DPScan] Drupal Security Scanner
This small tool is public and accessible to you for use however you please. It may help other auditors or penetration testers do their job faster.
Use: