cmsPoc - A CMS Exploit Framework



A CMS Exploit Framework.

Requirements
  • python2.7
  • Works on Linux, Windows

Usage
usage: cmspoc.py [-h]
 -t TYPE -s SCRIPT -u URL

optional arguments:
  -h, --help            show this help message and exit
  -t TYPE, --type TYPE  e.g.,phpcms
  -s SCRIPT, --script SCRIPT
                        Select script
  -u URL, --url URL     Input a target url

Examples
python cmspoc.py -t phpcms -s v960_sqlinject_getpasswd -u http://10.10.10.1:2500/phpcms960


Scripts
TYPESCRIPTDESCRIPTION
phpcmsv960_sqlinject_getpasswdphpcmsv9.6.0 wap模块 sql注入 获取passwd
icmsv701_sqlinject_getadminicmsv7.0.1 admincp.php sql注入 后台任意登陆
discuzv34_delete_arbitary_filesdiscuz ≤ v3.4 任意文件删除
beecmsv40_fileupload_getshellbeecms ≤ V4.0_R_20160525 文件上传漏洞


No comments

Note: Only a member of this blog may post a comment.

Powered by Blogger.