Open In App

CMSeeK – CMS Detection and Exploitation Tool

Last Updated : 14 Sep, 2021
Improve
Improve
Like Article
Like
Save
Share
Report

A content management system (CMS) is an application that is used to manage web content, providing multiple givers to create, edit and publish. Content in a CMS is typically saved in a database and displayed in a presentation layer based on a set of templates. 

In the Security World, this CMS application can contain vulnerabilities that can compromise the website on which respected CMS is working. The antiquated version of CMS can also be the path of cyber attacks on the target domain. So while performing a security audit on the victim domain, CMS Detection and version detection is done. CMSeeK tool is an automated tool developed in the Python Language. CMSeeK tool is capable of scanning numerous content management systems including WordPress, Joomla, Drupal, etc. CMSeeK tool allows you to run both simple CMS detection and deep scans, as well as multi-site scans. CMSeeK tool supports Interactive Mode and Command Line Mode for its usage.

Features of CMSeeK Tool:

  1. It supports more than 150 CMS for testing or detection.
  2. It is open-source and free to use.
  3. It has support to the interactive mode for its usage.
  4. It supports brute-forcing of CMS detection on the target domain.
  5. It supports testing on multiple domains parallelly.

Detection Methods:

  • Through HTTP Headers.
  • Through Generator meta tag.
  • Through Page source code.
  • Through robots.txt file on the server.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process:  Python Installation Steps on Linux

Installation of CMSeeK Tool on Kali Linux OS:

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/Tuhinshubhra/CMSeeK

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd CMSeeK

Step 3: You are in the directory of the CMSeeK. Now you have to install a dependency of the CMSeeK using the following command.

sudo pip3 install -r requirements.txt

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 cmseek.py -h

Working with CMSeeK Tool on Kali Linux OS:

Interactive Mode :

Example 1: CMS detection and Deep scan

Select Option 1

In this example, We will be using the interactive mode for CMS detection and Deep scan on geeksforgeeks.org

Example 2: Bruteforce CMSs

Select Option 3

In this example, We will be only brute-forcing single CMS on geeksforgeeks.org

Command Mode:

Example 1: Scan Domain geeksforgeeks.org

python3 cmseek.py -u  geeksforgeeks.org

In this example, We will be performing CMS Detection on geeksforgeeks.org. We have specified the target in the -u tag.

Example 2: Enabling verbose output while scanning geeksforgeeks.org

python3 cmseek.py -v -u  geeksforgeeks.org

In this example, We will be displaying the results in a more readable way or in a verbose way. We have used -v tag for verbose mode.



Like Article
Suggest improvement
Previous
Detecting and Checking Rootkits with Chkrootkit and rkhunter Tool in Kali Linux
Next
Traxss – Automated XSS Vulnerability Scanner
Share your thoughts in the comments

Similar Reads

CMSeeK - Open Source Content Management System Detection and Exploitation Tool
VulnX – CMS And Vulnerability Detection
WhatCMS - CMS Detection and Exploit Kit
Fuxploider - File Upload Vulnerability Scanner And Exploitation Tool
Commix - OS Command Injection and Exploitation Tool
Dracnmap – Information Gathering and Network Exploitation Tool
Zeebsploit - Information gathering, Scanning, and Exploitation tool
Ppmap - A Scanner or Exploitation Tool Written In GO
Tplmap - Tool For Automatic Server Side Template Injection Exploitation
Juumla - Tool Designed To Identify And Scan For Version, Config Files In The CMS Joomla

G
gauravgandal
Article Tags :
We use cookies to ensure you have the best browsing experience on our website. By using our site, you acknowledge that you have read and understood our Cookie Policy & Privacy Policy
Lightbox