Tutorials

CMS & Exploit Kit Detection with WhatCMS

In Internet, more than 70% websites are using ready-made open source CMS like WordPress/Joomla/Drupal etc because a CMS always makes your website easier to use, less expensive to maintain.

As we all knows, CMS is a software that stores your web content, enables easy editing for web administrators/editors and allows multiple web administrators to log in to a single system. Today, the most popular web CMS platforms – WordPress, Joomla and Drupal – account for 70% of the market, and it is common for one or more to be included as a standard feature of web hosting services. Their status attests to their popularity and effectiveness, but CMS platforms also have security issues.

So these CMSs regularly update their software as vulnerabilities are reported and patches are being developed by the vendor. NIST (National Institute of Standards and Technology) and NVD (National Vulnerability Database) are the two standard which provides assessments of such vulnerabilities, accompanied by links to specific remediation activities for users/administrators to follow.

If you take a look at the vulnerabilities distribution by type, then XSS and SQL Injection for the most common vulnerabilities with an average of 65%, wheres code execution with an average of 40% are also common in nature.

With WhatCMS, which is an open source tool, you can easily identify the type of CMS and their fingerprinting information like Version, Hosting Details, IP Address, Hosting Provider etc.

WhatCMS can currently detect the use of more than 330 different CMS applications and services to later indicate a list of valid security audit tools for the detected CMS.

Installation of WhatCMS – 

WhatCms can easily be installed via Git clone utility by typing the following command in your Kali Linux machine:

Command: git clone https://github.com/HA71/WhatCMS

Basically, the above command will create a folder named as “WhatCMS” and will clone/copy all the files from the repository.

To run this tool, type “./whatcms.sh” in your command terminal but interesting thing is you need to add your API key into this script then only you can use this tool.

So for getting an API key, go to https://whatcms.org/APIKey and register a Free Account there.

Just fill out all the necessary information like Your Email Address, Password etc as shown in below screenshot. And you’ll instantly get an confirmation email.

After registration, it will look like this, where it shows complete stats of your account in which you’ll get 1000 API requests/month and there is some kind of limit like you can only send 1 request per 10 seconds in FREE Account.

As soon as you verify your account with the link provided you in email confirmation, the API key will be instantly shown in your account under API KEY Page.

Now next step is to edit your script file with Gedit tool which is an open source graphical editor and paste your API key which you copied from above step as shown below:

Now back to tool, and now run the script with the following command:

Command: ./whatcms.sh example.com

If you want to know more about target’s hosting information (Domain Provider, IP Address etc) then use the following command:

Command: ./whatcms.sh example.com -wh

Furthermore, if you press after the result, it will also shows the list of security audit tools based on the CMS type.

Yeahhub.com
Step by step hacking tutorials about wireless cracking, kali linux, metasploit, ethical hacking, seo tips and tricks, malware analysis and scanning.
https://www.yeahhub.com/

Leave a Reply

Your email address will not be published. Required fields are marked *

four × two =