How to Detect CMS Running on Target Website

0
Want create site? Find Free WordPress Themes and plugins.

WHAT IS CMS?

CMS stands for Content Management Systems. CMS provide to help webmaster processing their website easier, it is also the most critical success of every website. A content management system support creation, management, distribution, publishing and discovery of corporate information. It is also provide the ability to manage structure of the site pages or contents, appearance, and navigation. You may familiar with these most famous CMS :

  • WordPress
  • Joomla
  • Drupal
  • Etc.

I will not explain more detail about CMS here, our main focus here is how could we know or identify if website has certain CMS on it. That’s it, by knowing what CMS running or target, we could then processing for further penetration test. Such scan if the target has vulnerabilities on that CMS version or on others functionality like plugin, etc.

HOW TO SCAN WEBSITE CMS?

I will show you tools which is useful to gain information especially of course to identify it’s CMS. Kali linux actually has this built-in tool. It is whatweb, therefore whatweb is just collecting a general information, it is also able to detect the CMS on site running. Other tool which is designed to this particular purpose is called CMSmap. You need to install it before to use it later.

DETECT WEBSITE CMS WITH WHATWEB

STEP 1: Open Terminal, fire up whatweb

Lets just read what this tool is able to do, run this command to display the help message.

You can read it by yourself, anyway, whatweb has a lot information on that.

STEP 2: Scan the target

Although whatweb has a lot arguments to use, we could just simply run this command pattern to simplify our progress.

How to Detect CMS Running on Target Website

As shown above, the target has wordpress installed on his server. Easy right? just as simple as that. Next i will show you the other tool i mentioned earlier, CMSmap.

DETECT WEBSITE CMS WITH CMSmap

 

STEP 1: Installing CMSmap

Enter the following command to download CMSmap tool:

STEP 2

After you downloaded CMSmap files, now enter CMSmap directory using cd.

CMSmap is written using python V2, you might notice some errors if you run CMSmap using python V3 or latest. Run CMSmap using this command

CMSmap is able to scan multiple target listed on file, and scan availabe plugins. By the way this tool kinda outdated, i dont know why the developer of this tool does not improve CMSmap again, since 2015 i guess. But it is useful thou in other way.

So, after you already known what CMS is running, then your next step is to scan the vulnerability against it’s CMS. If you are lucky you may found some bugs which are able to be exploited further. I remain you to be a good person, OK

Did you find apk for android? You can find new Free Android Games and apps.