Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Added whatcms_scan module #304

Merged
merged 3 commits into from
Jul 4, 2020
Merged

Added whatcms_scan module #304

merged 3 commits into from
Jul 4, 2020

Conversation

aman566
Copy link
Collaborator

@aman566 aman566 commented Jun 17, 2020
edited
Loading

Fixed #98
Fixed #236
Added the whatcms.org to improve the cms scan.

Checklist

  • I have followed the Contributor Guidelines.
  • The code has been thoroughly tested in my local development environment with flake8 and pylint.
  • The code is both Python 2 and Python 3 compatible.
  • The code follows the PEP8 styling guidelines with 4 spaces indentation.
  • This Pull Request relates to only one issue or only one feature
  • I have referenced the corresponding issue number in my commit message
  • I have added the relevant documentation.
  • My branch is up-to-date with the upstream master branch.

Changes proposed in this pull request

  • Used whatcms.org API for finding CMS.

Your development environment

  • OS: Linux
  • OS Version: Ubuntu 18.04
  • Python Version: 3.6.9

@aman566 aman566 requested a review from securestep9 June 17, 2020 18:43
securestep9
securestep9 reviewed Jun 30, 2020
View reviewed changes
lib/scan/whatcms/engine.py Show resolved Hide resolved
lib/scan/whatcms/engine.py Outdated Show resolved Hide resolved
@aman566 aman566 requested a review from securestep9 July 1, 2020 02:52
securestep9
securestep9 reviewed Jul 2, 2020
View reviewed changes
Copy link
Collaborator

@securestep9 securestep9 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also please add an info() message to report during the scan as soon as cms is found - otherwise one has to wait until the end to see if anything was found

lib/scan/whatcms/engine.py Outdated
cms_name = json.loads(req.text)["result"]["name"]
return cms_name
try:
req = requests.get(requests_url, verify=False, headers=headers)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

needs timeout=timeout_sec

lib/scan/whatcms/engine.py Outdated
return cms_name
try:
req = requests.get(requests_url, verify=False, headers=headers)
cms_name = json.loads(req.text)["result"]["name"]
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

also would be good to add cms version to cms_name
current result: (CMS Name:WordPress)
Please add version, so it looks like this: (CMS Name:WordPress version 5.2.7)

@securestep9 securestep9 merged commit 29cf353 into OWASP:master Jul 4, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@securestep9 securestep9 securestep9 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement online web fingerprinting api to scan website fingerprints Specific CMS Scanner
2 participants
@aman566 @securestep9