-
Notifications
You must be signed in to change notification settings - Fork 248
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
RunScanner self.ForceCMSType() #3
Comments
I can't replicate the issue. I have run Run Also, provide the versions of Drupal that you were testing. From the error message, it seems that |
Tested against the following versions of Drupal without errors.
|
I have managed to replicate the issue. |
OS; Linux parrot 4.17.0-parrot17-amd64 #1 SMP Parrot 4.17.17-1parrot17 (2018-08-27) x86_64 GNU/Linux
enter the command: python3 cmsmap.py -i drupal.txt -o good.txt
(drupal.txt have the form:
http://site1.com
http://site2.com
http://site3.com
http://*******.com)
└──╼ $python3 cmsmap.py -i drupal.txt -o good.txt
[-] Date & Time: 22/10/2018 13:44:07
[I] Threads: 5
[-] Target: http://site1.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site1.com
[I] Server: nginx/1.14.0
[I] X-Powered-By: PHP/5.3.29
[L] X-Generator: Drupal 7 (http://drupal.org)
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site1.com/robots.txt
[I] CMS Detection: Drupal
[I] Drupal Version: 7.41
[M] EDB-ID: 44448 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (PoC)"
[M] EDB-ID: 44449 "Drupal < 7.58 / < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution"
[M] EDB-ID: 44482 "Drupal < 8.3.9 / < 8.4.6 / < 8.5.1 - 'Drupalgeddon2' Remote Code Execution (Metasploit)"
[M] EDB-ID: 44542 "Drupal < 7.58 - 'drupalgeddon3' (Authenticated) Remote Code Execution (PoC)"
[M] EDB-ID: 44557 "Drupal < 7.58 - 'Drupalgeddon3' (Authenticated) Remote Code (Metasploit)"
[I] Drupal Theme: bartik
[-] Enumerating Drupal Usernames via "Views" Module...
[-] Enumerating Drupal Usernames via "Blog" Module...
[-] Enumerating Drupal Usernames via "/user/"...
[I] Autocomplete Off Not Found: http://site1.com/user/
[-] Drupal Default Files:
[-] Drupal is likely to have a large number of default files
[-] Would you like to list them all?
[y/N]: N
[I] Forgotten Password Allows Username Enumeration: http://site1.com/user/password
[-] Search Drupal Modules ...
[I] book
[I] comment
[I] content
[I] ctools
[I] field
[I] jcaption
[I] jquery_update
[I] node
[I] panels
[I] responsive
[I] search
[I] system
[I] user
[I] views
[I] Checking for Directory Listing Enabled ...
[I] Threads: 5
[-] Target: http://site2.com (ip.ip.ip.ip)
[M] Website Not in HTTPS: http://site2.com
[I] Server: Apache/2.2.15 (Red Hat) mod_rpaf/0.6 PHP/5.4.30
[I] X-Powered-By: PHP/5.4.30
[L] X-Frame-Options: Not Enforced
[I] Strict-Transport-Security: Not Enforced
[I] X-Content-Security-Policy: Not Enforced
[L] Robots.txt Found: http://site2.com/robots.txt
[I] CMS Detection: Drupal
Traceback (most recent call last):
File "cmsmap.py", line 25, in
main()
File "/home/max/Desktop/CMSmap/cmsmap/main.py", line 154, in main
scanner.RunScanner()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 40, in RunScanner
self.ForceCMSType()
File "/home/max/Desktop/CMSmap/cmsmap/lib/scanner.py", line 61, in ForceCMSType
druscan.Drurun()
File "/home/max/Desktop/CMSmap/cmsmap/lib/druscan.py", line 35, in Drurun
self.DruVersion()
TypeError: 'str' object is not callable
Issue Details
CMSmap Version: recent version
What to do and how to be?
The text was updated successfully, but these errors were encountered: