Skip to content

Latest commit

 

History

History
120 lines (86 loc) · 4.44 KB

README.md

File metadata and controls

120 lines (86 loc) · 4.44 KB

CoMisSion - WhiteBox CMS analysis

CoMisSion is a tool to quickly analyze a CMS setup. The tool:

  • checks for the core version;
  • checks for modifications made on the core (additions, alterations, deletions) with a fresh archive downloaded from CMS official website;
  • looks for the last core version;
  • looks for vulnerabilities in core version used (WordPress only);
  • checks for plugins and themes version;
  • checks for modifications made on each plugin and each theme (additions, alterations, deletions) with a fresh archive downloaded from CMS official website;
  • looks for vulnerabilities in plugins and themes version used.

🔥 Attention: CoMisSion is not looking for vulnerabilities by analysing the source code. Vulnerabilities are gathered from public databases like wpvulndb. Finding new vulnerabilities is not the purpose of this tool.

A complete report can be generated in following formats:

  • XLSX
  • CSV
  • JSON (to allow the tool to be used in a CI process)

The tool has been tested on Linux and Windows. To avoid output pollution, I recommend setting --no-color option on Windows.

Example

./commision.py -c wordpress -d /cms_dir -o report.xlsx -t XLSX

Installation

The tool needs at least python3.6.

git clone https://github.com/Intrinsec/comission
pip install -r requirements.txt

Usage

usage: comission.py [-h] -d DIR -c CMS [-o FILE] [-t TYPE] [--skip-core]
                    [--skip-plugins] [--skip-themes] [--no-color] [-f CONF]
                    [--log LOGFILE] [--wp-content WP_CONTENT]
                    [--plugins-dir PLUGINS_DIR] [--themes-dir THEMES_DIR]
                    [--major VERSION_MAJOR] [-v VERSION]
                    [--wpvulndb-token WPVULNDB_TOKEN] [--debug]

CoMisSion analyse a CMS and plugins used.

optional arguments:
  -h, --help            show this help message and exit
  -d DIR, --dir DIR     CMS root directory
  -c CMS, --cms CMS     CMS type (drupal, wordpress)
  -o FILE, --output FILE
                        Path to output file
  -t TYPE, --type TYPE  Type of output (CSV, XLSX, JSON, STDOUT). Default to
                        XLSX.
  --skip-core           Set this to skip core analysis
  --skip-plugins        Set this to skip plugins analysis
  --skip-themes         Set this to skip themes analysis
  --no-color            Do not use colors in the output.
  -f CONF, --file CONF  Configuration file. See example.conf.
  --log LOGFILE         Log output in given file.
  --wp-content WP_CONTENT
                        Set this to force the wp-content directory location.
  --plugins-dir PLUGINS_DIR
                        Set this to force the plugins directory location.
  --themes-dir THEMES_DIR
                        Set this to force the themes directory location.
  --major VERSION_MAJOR
                        Specify the core major version (eg. 7, 8) when using
                        --skip-core arg. Works only for Drupal.
  -v VERSION, --version VERSION
                        Specify the core full version (eg. 5.5).
  --wpvulndb-token WPVULNDB_TOKEN
                        Set a token to request wpvulndb API.
  --debug               Print debug message to help identify errors.

🔥 In order to get vulnerabilities for WordPress, you have to set the --wpvulndb_token arg. You can get one token with an account on wpvulndb.

You can provide a configuration file. See example.conf for reference.

CMS supported

  • Wordpress
  • Drupal (no vulnerability checks)

Docker

We are not publishing any official image yet. To use the tool with docker, you can build an image. In the project folder, build with:

docker build -t isec/comission .

Then run it with :

docker run -it --rm -v /TARGET_PATH/:/cms_path/ -v /OUTPUT_DIR/:/output/ isec/comission -d /cms_path/ -c drupal -o /output/test_docker.xlsx -t XLSX

Be careful to change the path "TARGET_PATH" and "OUTPUT_DIR" to match your folders.

Tests

Unit tests are available in tests folder. Before launching test, you should create a test-data-set directory containing drupal and wordpress subdirectories, and a test.conf file containing at least a wpvulndb_token value.

Author

Paul Mars (Intrinsec)

Based on an idea of Etienne Boursier (Intrinsec)

Copyright - License - WPVULNDB

This tools is distributed under the GPLv3 license. But be careful, the tool uses the wpvulndb API to gather information on WordPress core and plugins.