Пример #1
0
    def core_analysis(self, dir_path):
        log.print_cms(
            "info", "#######################################################" +
            "\n\t\tCore analysis" +
            "\n#######################################################", "", 0)

        # Check current CMS version
        _, err = self.get_core_version(
            dir_path, re.compile("define\('VERSION', '(.*)'\);"),
            "includes/bootstrap.inc")
        # Get the last released version
        _, err = self.get_core_last_version(
            "https://updates.drupal.org/release-history/drupal/",
            self.core_details["infos"]["version"])

        # Check for vuln on the CMS version
        self.core_details["vulns"], err = self.check_vulns_core(
            self.core_details["infos"]["version"])

        # Check if the core have been altered
        download_url = self.download_core_url + self.core_details["infos"][
            "version"] + ".zip"
        self.core_details["alterations"], err = self.check_core_alteration(
            dir_path, self.core_details["infos"]["version"], download_url)

        return self.core_details
Пример #2
0
    def check_core_alteration(self, dir_path, version_core, core_url):
        alterations = []
        ignored = [
            "modules", "CHANGELOG.txt", "COPYRIGHT.txt", "LICENSE.txt",
            "MAINTAINERS.txt", "INSTALL.txt", "README.txt"
        ]

        temp_directory = uCMS.TempDir.create()

        log.print_cms("info", "[+] Checking core alteration", "", 0)

        try:
            response = requests.get(core_url)
            response.raise_for_status()

            if response.status_code == 200:
                zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r')
                zip_file.extractall(temp_directory)
                zip_file.close()

        except requests.exceptions.HTTPError as e:
            msg = "[-] The original drupal archive has not been found. Search " \
                  "manually ! "
            log.print_cms("alert", msg, "", 0)
            return msg, e

        clean_core_path = os.path.join(temp_directory,
                                       "drupal-" + version_core)

        dcmp = dircmp(clean_core_path, dir_path, ignored)
        uCMS.diff_files(dcmp, alterations, dir_path)

        return alterations, None
Пример #3
0
    def core_analysis(self, dir_path):
        log.print_cms("info",
        "#######################################################" \
        + "\n\t\tCore analysis" \
        + "\n#######################################################" \
        , "", 0)
        # Check current CMS version
        _, err = self.get_core_version(dir_path,
                                       re.compile("\$wp_version = '(.*)';"),
                                       "wp-includes/version.php")
        # Get the last released version
        _, err = self.get_core_last_version(self.site_api)

        # Check for vuln on the CMS version
        self.core_details["vulns"], err = self.check_vulns_core(
            self.core_details["infos"]["version"])

        # Check if the core have been altered
        download_url = self.download_core_url + self.core_details["infos"][
            "version"] + ".zip"

        self.core_details["alterations"], err = self.check_core_alteration(
            dir_path, download_url)

        return self.core_details
Пример #4
0
    def check_addon_alteration(self, addon, dir_path, temp_directory):
        addon_url = "{}{}.{}.zip".format(self.download_addon_url,
                                         addon["name"], addon["version"])

        if addon["version"] == "trunk":
            addon_url = "{}{}.zip".format(self.download_addon_url,
                                          addon["name"])

        log.print_cms("default", "To download the addon: " + addon_url, "", 1)

        try:
            response = requests.get(addon_url)
            response.raise_for_status()

            if response.status_code == 200:
                zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r')
                zip_file.extractall(temp_directory)
                zip_file.close()

                project_dir = os.path.join(dir_path, self.wp_content,
                                           "plugins", addon["name"])
                project_dir_hash = dirhash(project_dir, 'sha1')
                ref_dir = os.path.join(temp_directory, addon["name"])
                ref_dir_hash = dirhash(ref_dir, 'sha1')

                if project_dir_hash == ref_dir_hash:
                    altered = "NO"
                    log.print_cms("good",
                                  "Different from sources : " + altered, "", 1)
                else:
                    altered = "YES"
                    log.print_cms("alert",
                                  "Different from sources : " + altered, "", 1)

                    ignored = ["css", "img", "js", "fonts", "images"]

                    dcmp = dircmp(project_dir, ref_dir, ignored)
                    uCMS.diff_files(dcmp, addon["alterations"], project_dir)

                addon["edited"] = altered

                if addon["alterations"] is not None:
                    msg = "[+] For further analysis, archive downloaded here : " + ref_dir
                    log.print_cms("info", msg, "", 1)

        except requests.exceptions.HTTPError as e:
            msg = "The download link is not standard. Search manually !"
            log.print_cms("alert", msg, "", 1)
            addon["notes"] = msg
            return msg, e

        return altered, None
Пример #5
0
    def get_addon_version(self, addon, addon_path, version_file_regexp):
        version = ""
        try:
            path = os.path.join(addon_path, addon["filename"])
            with open(path) as addon_info:
                for line in addon_info:
                    version = version_file_regexp.search(line)
                    if version:
                        addon["version"] = version.group(1).strip("\"")
                        log.print_cms("default",
                                      "Version : " + addon["version"], "", 1)
                        break

        except FileNotFoundError as e:
            msg = "No standard extension file. Search manually !"
            log.print_cms("alert", "[-] " + msg, "", 1)
            addon["notes"] = msg
            return "", e
        return version, None
Пример #6
0
    def get_core_version(self, dir_path, version_core_regexp, cms_path):
        try:
            with open(os.path.join(dir_path, cms_path)) as version_file:
                version_core = ''
                for line in version_file:
                    version_core_match = version_core_regexp.search(line)
                    if version_core_match:
                        version_core = version_core_match.group(1).strip()
                        log.print_cms(
                            "info",
                            "[+] DRUPAL version used : " + version_core, "", 0)
                        self.core_details["infos"]["version"] = version_core
                        break

        except FileNotFoundError as e:
            log.print_cms("alert", "[-] DRUPAL version not found. Search "
                          "manually !", "", 0)
            return "", e
        return version_core, None
Пример #7
0
    def get_core_last_version(self, url):
        last_version_core = ""
        try:
            response = requests.get(url)
            response.raise_for_status()

            if response.status_code == 200:
                page_json = response.json()

                last_version_core = page_json["offers"][0]["version"]
                log.print_cms(
                    "info", "[+] Last WordPress version: " + last_version_core,
                    "", 0)
                self.core_details["infos"]["last_version"] = last_version_core

        except requests.exceptions.HTTPError as e:
            msg = "Unable to retrieve last WordPress version. Search manually !"
            log.print_cms("alert", "[-] " + msg, "", 1)
            return "", e
        return last_version_core, None
Пример #8
0
    def check_core_alteration(self, dir_path, core_url):
        alterations = []
        ignored = [
            ".git", "cache", "plugins", "themes", "images", "license.txt",
            "readme.html", "version.php"
        ]

        temp_directory = uCMS.TempDir.create()

        log.print_cms("info", "[+] Checking core alteration", "", 0)

        try:
            response = requests.get(core_url)
            response.raise_for_status()

            if response.status_code == 200:
                zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r')
                zip_file.extractall(temp_directory)
                zip_file.close()

        except requests.exceptions.HTTPError as e:
            msg = "[-] The original WordPress archive has not been found. Search manually ! "
            log.print_cms("alert", msg, "", 0)
            return msg, e

        clean_core_path = os.path.join(temp_directory, "wordpress")

        dcmp = dircmp(clean_core_path, dir_path, ignored)
        uCMS.diff_files(dcmp, alterations, dir_path)

        if alterations is not None:
            msg = "[+] For further analysis, archive downloaded here : " + clean_core_path
            log.print_cms("info", msg, "", 1)

        return alterations, None
Пример #9
0
    def get_addon_last_version(self, addon):
        version_web_regexp = re.compile(
            "<h2><a href=\"(.*?)\">(.+?) (.+?)</a></h2>")
        date_last_release_regexp = re.compile(
            "<time pubdate datetime=\"(.*?)\">(.+?)</time>")

        releases_url = "{}/project/{}/releases".format(self.site_url,
                                                       addon["name"])
        addon["last_version"] = "Not found"

        if addon["version"] == "VERSION":
            msg = "This is a default addon. Analysis is not yet implemented !"
            log.print_cms("alert", msg, "", 1)
            addon["notes"] = msg
            return "", None

        try:
            response = requests.get(releases_url, allow_redirects=False)
            response.raise_for_status()

            if response.status_code == 200:
                page = response.text

                last_version_result = version_web_regexp.search(page)
                date_last_release_result = date_last_release_regexp.search(
                    page)

                if last_version_result and date_last_release_result:
                    addon["last_version"] = last_version_result.group(3)
                    addon[
                        "last_release_date"] = date_last_release_result.group(
                            2)
                    addon["link"] = releases_url

                    if addon["last_version"] == addon["version"]:
                        log.print_cms("good", "Up to date !", "", 1)
                    else:
                        log.print_cms(
                            "alert", "Outdated, last version: ",
                            addon["last_version"] + " ( " +
                            addon["last_release_date"] + " )\n\tCheck : " +
                            releases_url, 1)

        except requests.exceptions.HTTPError as e:
            msg = "Addon not in drupal official site. Search manually !"
            log.print_cms("alert", "[-] " + msg, "", 1)
            addon["notes"] = msg
            return "", e
        return addon["last_version"], None
Пример #10
0
    def check_vulns_core(self, version_core):
        vulns_details = []
        version = version_core.replace('.', '')
        url = "{}wordpresses/{}".format(self.cve_ref_url, version)
        url_details = "https://wpvulndb.com/vulnerabilities/"

        try:
            response = requests.get(url)
            response.raise_for_status()

            if response.status_code == 200:
                page_json = response.json()

                vulns = page_json[version_core]["vulnerabilities"]
                log.print_cms("info", "[+] CVE list", "", 1)

                for vuln in vulns:

                    vuln_details = {
                        "name": "",
                        "link": "",
                        "type": "",
                        "poc": "",
                        "fixed_in": ""
                    }

                    vuln_url = url_details + str(vuln["id"])

                    vuln_details["name"] = vuln["title"]
                    vuln_details["link"] = vuln_url
                    vuln_details["type"] = vuln["vuln_type"]
                    vuln_details["poc"] = "CHECK"
                    vuln_details["fixed_in"] = vuln["fixed_in"]

                    if uCMS.get_poc(vuln_url):
                        vuln_details["poc"] = "YES"

                    log.print_cms("alert", vuln["title"], "", 1)
                    log.print_cms(
                        "info",
                        "[+] Fixed in version " + str(vuln["fixed_in"]), "", 1)

                    vulns_details.append(vuln_details)

        except requests.exceptions.HTTPError as e:
            msg = "No entry on wpvulndb."
            log.print_cms("info", "[+] " + msg, "", 1)
            return "", e
        return vulns_details, None
Пример #11
0
    def check_addon_alteration(self, addon, addon_path, temp_directory):
        addon_url = "{}{}-{}.zip".format(self.download_addon_url,
                                         addon["name"], addon["version"])

        if addon["version"] == "VERSION":
            # TODO
            return None, None

        log.print_cms("default", "To download the addon : " + addon_url, "", 1)

        altered = ""

        try:
            response = requests.get(addon_url)
            response.raise_for_status()

            if response.status_code == 200:
                zip_file = zipfile.ZipFile(io.BytesIO(response.content), 'r')
                zip_file.extractall(temp_directory)
                zip_file.close()

                project_dir_hash = dirhash(addon_path, 'sha1')
                ref_dir = os.path.join(temp_directory, addon["name"])
                ref_dir_hash = dirhash(ref_dir, 'sha1')

                if project_dir_hash == ref_dir_hash:
                    altered = "NO"
                    log.print_cms("good",
                                  "Different from sources : " + altered, "", 1)

                else:
                    altered = "YES"
                    log.print_cms("alert",
                                  "Different from sources : " + altered, "", 1)

                    ignored = ["tests"]

                    dcmp = dircmp(addon_path, ref_dir, ignored)
                    uCMS.diff_files(dcmp, addon["alterations"], addon_path)

                addon["edited"] = altered

        except requests.exceptions.HTTPError as e:
            msg = "The download link is not standard. Search manually !"
            log.print_cms("alert", msg, "", 1)
            addon["notes"] = msg
            return msg, e
        return altered, None
Пример #12
0
    def get_core_last_version(self, url, version_core):
        last_version_core = ""
        major = version_core.split(".")[0]
        url_release = url + major + ".x"

        try:
            response = requests.get(url_release)
            response.raise_for_status()

            if response.status_code == 200:
                tree = etree.fromstring(response.content)
                last_version_core = tree.xpath(
                    "/project/releases/release/tag")[0].text
                log.print_cms("info",
                              "[+] Last CMS version: " + last_version_core, "",
                              0)
                self.core_details["infos"]["last_version"] = last_version_core

        except requests.exceptions.HTTPError as e:
            msg = "Unable to retrieve last wordpress version. Search manually !"
            log.print_cms("alert", "[-] " + msg, "", 1)
            return "", e
        return last_version_core, None
Пример #13
0
    def get_addon_last_version(self, addon):
        if addon["type"] == "plugins":
            releases_url = "https://wordpress.org/plugins/{}/".format(
                addon["name"])
            version_web_regexp = re.compile("\"softwareVersion\": \"(.*)\"")
            date_last_release_regexp = re.compile("\"dateModified\": \"(.*)\"")
        elif addon["type"] == "themes":
            releases_url = "https://wordpress.org/themes/{}/".format(
                addon["name"])
            version_web_regexp = re.compile("Version: <strong>(.*)</strong>")
            date_last_release_regexp = re.compile(
                "Last updated: <strong>(.*)</strong>")

        addon["last_version"] = "Not found"
        try:
            response = requests.get(releases_url, allow_redirects=False)
            response.raise_for_status()

            if response.status_code == 200:
                page = response.text

                last_version_result = version_web_regexp.search(page)
                date_last_release_result = date_last_release_regexp.search(
                    page)

                if last_version_result and date_last_release_result:
                    addon["last_version"] = last_version_result.group(1)
                    addon[
                        "last_release_date"] = date_last_release_result.group(
                            1).split("T")[0]
                    addon["link"] = releases_url

                    if addon["last_version"] == addon["version"]:
                        log.print_cms("good", "Up to date !", "", 1)
                    else:
                        log.print_cms(
                            "alert", "Outdated, last version: ",
                            addon["last_version"] + " ( " +
                            addon["last_release_date"] + " )\n\tCheck : " +
                            releases_url, 1)

        except requests.exceptions.HTTPError as e:
            msg = "Addon not in WordPress official site. Search manually !"
            log.print_cms("alert", "[-] " + msg, "", 1)
            addon["notes"] = msg
            return "", e
        return addon["last_version"], None
Пример #14
0
def main():
    args = uCMS.parse_args()

    log.set_nocolor_policy(args.no_color)

    if not args.DIR:
        log.print_cms("alert", "No path received !", "", 0)
        sys.exit()

    dir_path = args.DIR

    if args.CMS == "wordpress":
        to_check = ["wp-includes", "wp-admin"]
        uCMS.verify_path(dir_path, to_check)
        cms = dCMS.WP()

    elif args.CMS == "drupal":
        to_check = ["includes", "modules", "scripts", "themes"]
        uCMS.verify_path(dir_path, to_check)
        cms = dCMS.DPL()

    else:
        log.print_cms("alert", "CMS unknown or unsupported !", "", 0)
        sys.exit()

    # Analyse the core
    if not args.skip_core:
        cms.core_analysis(dir_path)

    # Analyse plugins
    if not args.skip_plugins:
        cms.addon_analysis(dir_path, "plugins")

    # Analyse themes
    if not args.skip_themes:
        cms.addon_analysis(dir_path, "themes")

    # Save results to a file
    if args.type == "CSV" and args.output:
        # Initialize the output file
        result_csv = rCMS.ComissionCSV(args.output)
        # Add data and generate result file
        result_csv.add_data(cms.core_details, cms.plugins, cms.themes)

    elif args.type == "XLSX" and args.output:
        # Initialize the output file
        result_xlsx = rCMS.ComissionXLSX(args.output)
        # Add data
        result_xlsx.add_data(cms.core_details, cms.plugins, cms.themes)
        # Generate result file
        result_xlsx.generate_xlsx()

    elif args.type == "JSON" and args.output:
        # Initialize the output file
        result_json = rCMS.ComissionJSON(args.output)
        # Add data
        result_json.add_data(cms.core_details, cms.plugins, cms.themes)
        # Generate result file
        result_json.generate_json()

    else:
        log.print_cms(args.no_color, "alert",
                      "Output type unknown or missing filename !", "", 0)
        sys.exit()
Пример #15
0
    def check_vulns_addon(self, addon):
        cve = ""
        url_details = "https://wpvulndb.com/vulnerabilities/"
        try:
            url = "{}plugins/{}".format(self.cve_ref_url, addon["name"])

            response = requests.get(url)
            response.raise_for_status()

            if response.status_code == 200:
                page_json = response.json()

                vulns = page_json[addon["name"]]["vulnerabilities"]
                log.print_cms("info", "[+] CVE list", "", 1)

                for vuln in vulns:

                    vuln_url = url_details + str(vuln["id"])
                    vuln_details = {
                        "name": "",
                        "link": "",
                        "type": "",
                        "poc": "",
                        "fixed_in": ""
                    }

                    try:
                        if LooseVersion(addon["version"]) < LooseVersion(
                                vuln["fixed_in"]):
                            log.print_cms("alert", vuln["title"], "", 1)

                            vuln_details["name"] = vuln["title"]
                            vuln_details["link"] = vuln_url
                            vuln_details["type"] = vuln["vuln_type"]
                            vuln_details["fixed_in"] = vuln["fixed_in"]
                            vuln_details["poc"] = "CHECK"

                            if uCMS.get_poc(vuln_url):
                                vuln_details["poc"] = "YES"

                            addon["vulns"].append(vuln_details)

                    except TypeError as e:
                        log.print_cms("alert", "Unable to compare version. Please check this " \
                                      "vulnerability :" + vuln["title"], "", 1)

                        vuln_details["name"] = " To check : " + vuln["title"]
                        vuln_details["link"] = vuln_url
                        vuln_details["type"] = vuln["vuln_type"]
                        vuln_details["fixed_in"] = vuln["fixed_in"]
                        vuln_details["poc"] = "CHECK"

                        if uCMS.get_poc(vuln_url):
                            vuln_details["poc"] = "YES"

                        addon["vulns"].append(vuln_details)

                if addon["vulns"]:
                    addon["cve"] = "YES"
                else:
                    addon["cve"] = "NO"

        except requests.exceptions.HTTPError as e:
            msg = "No entry on wpvulndb."
            log.print_cms("info", "[+] " + msg, "", 1)
            addon["cve"] = "NO"
            return "", e
        return cve, None
Пример #16
0
 def check_vulns_core(self, version_core):
     # TODO
     log.print_cms("alert", "CVE check not yet implemented !", "", 1)
     return [], None
Пример #17
0
 def check_vulns_addon(self, addon):
     # TODO
     log.print_cms("alert", "CVE check not yet implemented !", "", 1)
     return [], None
Пример #18
0
    def addon_analysis(self, dir_path, addon_type):
        temp_directory = uCMS.TempDir.create()
        addons = []

        log.print_cms("info",
        "#######################################################" \
        + "\n\t\t" + addon_type + " analysis" \
        + "\n#######################################################" \
        , "", 0)

        # Get the list of addon to work with
        self.wp_content = self.get_wp_content(dir_path)[0]

        addons_paths = {"standard": os.path.join(self.wp_content, addon_type)}

        if addon_type == "plugins":
            addons_paths["mu"] = os.path.join(self.wp_content, "mu-plugins")

        for key, addons_path in addons_paths.items():
            addons_name = uCMS.fetch_addons(
                os.path.join(dir_path, addons_path), key)

            for addon_name in addons_name:
                addon = {
                    "type": addon_type,
                    "status": "todo",
                    "name": addon_name,
                    "version": "",
                    "last_version": "",
                    "last_release_date": "",
                    "link": "",
                    "edited": "",
                    "cve": "",
                    "vulns": [],
                    "notes": "",
                    "alterations": [],
                    "filename": "",
                    "path": ""
                }

                addon_path = os.path.join(dir_path, addons_path, addon_name)

                if addon_type == "plugins":
                    if key == "mu":
                        addon["mu"] = "YES"
                        addon_path = os.path.join(dir_path, addons_path)
                    else:
                        addon["mu"] = "NO"

                log.print_cms("info", "[+] " + addon_name, "", 0)

                # Check addon main file
                _, err = self.get_addon_main_file(addon, addon_path)
                if err is not None:
                    addons.append(addon)
                    continue

                # Get addon version
                _, err = self.get_addon_version(
                    addon, addon_path, re.compile("(?i)Version: (.*)"))
                if err is not None:
                    addons.append(addon)
                    continue

                # Check addon last version
                _, err = self.get_addon_last_version(addon)
                if err is not None:
                    addons.append(addon)
                    continue

                # Check known CVE in wpvulndb
                _, err = self.check_vulns_addon(addon)
                if err is not None:
                    addons.append(addon)
                    continue

                # Check if the addon have been altered
                _, err = self.check_addon_alteration(addon, dir_path,
                                                     temp_directory)
                if err is not None:
                    addons.append(addon)
                    continue

                addons.append(addon)

        if addon_type == "plugins":
            self.plugins = addons
        elif addon_type == "themes":
            self.themes = addons

        return addons
Пример #19
0
    def addon_analysis(self, dir_path, addon_type):
        temp_directory = uCMS.TempDir.create()
        addons = []

        log.print_cms(
            "info", "#######################################################" +
            "\n\t\t" + addon_type + " analysis" +
            "\n#######################################################", "", 0)

        # Get the list of addon to work with
        if addon_type == "plugins":
            addons_path = self.plugins_path

        elif addon_type == "themes":
            addons_path = self.themes_path

        addons_name = uCMS.fetch_addons(os.path.join(dir_path, addons_path),
                                        "standard")

        for addon_name in addons_name:
            addon = {
                "status": "todo",
                "name": "",
                "version": "",
                "last_version": "",
                "last_release_date": "",
                "link": "",
                "edited": "",
                "cve": "",
                "vulns_details": "",
                "notes": "",
                "alterations": []
            }
            log.print_cms("info", "[+] " + addon_name, "", 0)

            addon["name"] = addon_name
            addon["type"] = addon_type
            addon["filename"] = addon["name"] + ".info"

            addon_path = os.path.join(dir_path, addons_path, addon_name)

            # Get addon version
            _, err = self.get_addon_version(addon, addon_path,
                                            re.compile("version = (.*)"))
            if err is not None:
                addons.append(addon)
                continue

            # Check addon last version
            _, err = self.get_addon_last_version(addon)
            if err is not None:
                addons.append(addon)
                continue

            # Check if there are known CVE
            _, err = self.check_vulns_addon(addon)
            if err is not None:
                addons.append(addon)
                continue

            # Check if the addon have been altered
            _, err = self.check_addon_alteration(addon, addon_path,
                                                 temp_directory)
            if err is not None:
                addons.append(addon)
                continue

            addons.append(addon)

        if addon_type == "plugins":
            self.plugins = addons
        elif addon_type == "themes":
            self.themes = addons

        return addons
Пример #20
0
def main():
    args = uCMS.parse_args()

    if args["conf"]:
        config = uCMS.parse_conf(args["conf"])
        args = {**config, **args}

    # Colored output ?
    if args["no_color"]:
        log.set_nocolor_policy(args["no_color"])

    if not args["dir"]:
        log.print_cms("alert", "No path received !", "", 0)
        sys.exit()

    dir_path = args["dir"]

    # Verify if the CMS is the really the one given by the user
    if args["cms"] == "wordpress":
        to_check = ["wp-includes", "wp-admin"]
        uCMS.verify_path(dir_path, to_check)
        cms = dCMS.WP()

    elif args["cms"] == "drupal":
        to_check = ["includes", "modules", "scripts", "themes"]
        uCMS.verify_path(dir_path, to_check)
        cms = dCMS.DPL()

    else:
        log.print_cms("alert", "CMS unknown or unsupported !", "", 0)
        sys.exit()

    # Analyse the core
    if not args["skip_core"]:
        cms.core_analysis(dir_path)

    # Analyse plugins
    if not args["skip_plugins"]:
        cms.addon_analysis(dir_path, "plugins")

    # Analyse themes
    if not args["skip_themes"]:
        cms.addon_analysis(dir_path, "themes")

    # Save results to a file
    if args["type"] == "CSV" and args["output"]:
        # Initialize the output file
        result_csv = rCMS.ComissionCSV(args["output"])
        # Add data and generate result file
        result_csv.add_data(cms.core_details, cms.plugins, cms.themes)

    elif args["type"] == "XLSX" and args["output"]:
        # Initialize the output file
        result_xlsx = rCMS.ComissionXLSX(args["output"])
        # Add data
        result_xlsx.add_data(cms.core_details, cms.plugins, cms.themes)
        # Generate result file
        result_xlsx.generate_xlsx()

    elif args["type"] == "JSON" and args["output"]:
        # Initialize the output file
        result_json = rCMS.ComissionJSON(args["output"])
        # Add data
        result_json.add_data(cms.core_details, cms.plugins, cms.themes)
        # Generate result file
        result_json.generate_json()

    else:
        log.print_cms(args.no_color, "alert",
                      "Output type unknown or missing filename !", "", 0)
        sys.exit()

    # Keep or clean temp dir
    uCMS.TempDir.ask_delete_tmp()