RunScanner self.ForceCMSType() #3

Closed
cyb3rL1ght opened this issue Oct 22, 2018 · 3 comments

@cyb3rL1ght

OS: Linux parrot 4.17.0-parrot17-amd64 #1 SMP Parrot 4.17.17-1parrot17 (2018-08-27) x86_64 GNU/Linux

Entered the command: python3 cmsmap.py -i drupal.txt -o good.txt
(drupal.txt has the form:
http://site1.com
http://site2.com
http://site3.com
http://*******.com)

└──╼ $python3 cmsmap.py -i drupal.txt -o good.txt
[-] Date & Time: 22/10/2018 13:44:07
[I] Threads: 5
[-] Target: http://site1.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site1.com
[I] Server: nginx/1.14.0
[I] X-Powered-By: PHP/5.3.29
[L] X-Generator: Drupal 7 (http://drupal.org)
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site1.com/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.41
[M] EDB-ID: 44448 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)"
[M] EDB-ID: 44449 "Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution"
[M] EDB-ID: 44482 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)"
[M] EDB-ID: 44542 "Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC)"
[M] EDB-ID: 44557 "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)"
[I] Drupal Theme: bartik
[-] Enumerating Drupal Usernames via "Views" Module...
[-] Enumerating Drupal Usernames via "Blog" Module...
[-] Enumerating Drupal Usernames via "/user/"...
[I] Autocomplete Off Not Found: http://site1.com/user/
[-] Drupal Default Files:
[-] Drupal is likely to have a large number of default files
[-] Would you like to list them all?
[y/N]: N
[I] Forgotten Password Allows Username Enumeration: http://site1.com/user/password
[-] Search Drupal Modules ...
[I] book
[I] comment
[I] content
[I] ctools
[I] field
[I] jcaption
[I] jquery_update
[I] node
[I] panels
[I] responsive
[I] search
[I] system
[I] user
[I] views
[I] Checking for Directory Listing Enabled ...
[I] Threads: 5
[-] Target: http://site2.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site2.com
[I] Server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30
[I] X-Powered-By: PHP/5.4.30
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site2.com/robots.txt
[I] CMS Detection: Drupal
Traceback (most recent call last):
  File "cmsmap.py", line 25, in <module>
    main()
  File "/home/max/Desktop/CMSmap/cmsmap/main.py", line 154, in main
    scanner.RunScanner()
  File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
    self.ForceCMSType()
  File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 61, in ForceCMSType
    druscan.Drurun()
  File "/home/max/Desktop/CMSmap/cmsmap/lib/druscan.py", line 35, in Drurun
    self.DruVersion()
TypeError: 'str' object is not callable

Issue Details

CMSmap Version: recent version

What to do and how to be?

@m7x
Contributor

m7x commented Oct 26, 2018

I can't replicate the issue.

I have run CMSmap against 3 Drupal websites in an input file without problems. Why is the title of the issue RunScanner self.ForceCMSType() when you let CMSmap detect the type of CMS? I have tried with -F D as well without errors.

Run CMSmap on individual websites and also use the verbose mode -v to see if the problem occurs again.

Also, provide the versions of Drupal that you were testing. From the error message, it seems that CMSmap is failing to detect the version of Drupal.

@m7x m7x closed this as completed Oct 26, 2018
@m7x
Contributor

m7x commented Oct 26, 2018

Tested against the following versions of Drupal without errors.

  • 8.4.2
  • 8.4.3
  • 8.4.4
  • 8.6.2 (currently the latest)

@m7x
Contributor

m7x commented Oct 27, 2018

I have managed to replicate the issue.

@m7x m7x reopened this Oct 27, 2018
@m7x m7x closed this as completed in 59dd0e2 Oct 27, 2018