文章目录
- 技术原理
- 代码实现一
- 代码实现二
- 总结
这篇文章记录cms识别脚本。
技术原理
1.使用在线平台识别,比如whatcms,fofa等
2.自己写脚本识别,但是指纹库麻烦,需要耗费大量精力
代码实现一
这里我使用的是whatcms接口,可以免费每个月使用1000次。需要自己申请key。也可以用别的接口。
python">from prettytable import PrettyTablefrom config import apikey_cms
import requestsdef cms(domain):if apikey_cms=="None":print("no apikey for whatcms")return Noneapi_url = f"https://whatcms.org/API/Tech?key={apikey_cms}&url={domain}"response = requests.get(api_url)# print(response.text)# 检查响应状态码是否为 200 (OK)if response.status_code == 200:data = response.json()if data['results'] != []:tech_table = PrettyTable()tech_table.field_names = ["技术名称", "版本", "类别", "更多信息"]# 提取技术栈数据并添加到表格中for tech in data['results']:tech_table.add_row([tech['name'],tech['version'] if tech['version'] else 'N/A',', '.join(tech['categories']),f"https:{tech['url']}" # 拼接完整的 URL])# 打印技术栈表格print("技术栈信息:")print(tech_table)else:print("未识别到cms信息")if data['meta'] != []:# 创建 PrettyTable 对象来存储社交媒体数据social_table = PrettyTable()# 设置列名social_table.field_names = ["社交网络", "URL", "个人资料"]# 提取社交媒体数据并添加到表格中for social in data['meta']['social']:social_table.add_row([social['network'],social['url'],social['profile']])# 打印社交媒体表格print("\n社交媒体信息:")print(social_table)else:print("未识别到社交信息")else:print(f"请求失败,状态码:{response.status_code}")if __name__ == '__main__':cms("http://eci-2zea2431utbdaijiw30l.cloudeci1.ichunqiu.com/")这里我采用一道靶场为例:
代码实现二
自己使用指纹库识别,收集特征文件的md5值,然后访问文件比对md5值。
python">def cms_cms(url):cms_json = open("../fingers/cms/fingers_simple.json", "r", encoding="utf-8")cms_data = json.load(cms_json)for i in cms_data["data"]:print(i)if i["path"]!="":respon = requests.get(url+i["path"])if str(respon) == "<Response [200]>":md5_1 = hashlib.md5()md5_1.update(respon.content)hash_key = md5_1.hexdigest()if hash_key ==i["match_pattern"]:print(i["cms"])return i["cms"]
指纹库如下这种(自己在网上收集):
{"data": [{"cms": "\u4e94\u6307cms\u7f51\u7ad9\u7ba1\u7406\u7cfb\u7edf","file_type": "css","type": "md5","match_pattern": "5fed1213ff84fad23770feb545d0bb18","path": "/res/member/css/member.css","uptime": "2020-07-20 15:22"},{"cms": "\u4e94\u6307cms\u7f51\u7ad9\u7ba1\u7406\u7cfb\u7edf","file_type": "css","type": "md5","match_pattern": "5d5357cb3704e1f43a1f5bfed2aebf42","path": "/res/member/css/bootstrap.min.css","uptime": "2020-07-20 15:22"},{"cms": "\u4e94\u6307cms\u7f51\u7ad9\u7ba1\u7406\u7cfb\u7edf","file_type": "css","type": "md5","match_pattern": "f392e44a01b4e725a0721c791b628107","path": "/res/member/css/login.css","uptime": "2020-07-20 15:22"},
}
总结
对于cms识别如果自己没有大量时间建议使用在线cms识别。
浏览器插件: wappalyzer
whatcms
云悉
fofa,360quake等
指纹库:
自己去github上面找,然后自己针对经常遇到的cms进行收集,制作自己的指纹库。
