Content Management System (CMS)
Theory
A Content Management System (CMS) is a type of software widely used for website creation and management. It allows its users to easily create and manage websites such as blogs, forums and online stores. Because CMSs are so widely used among web applications, they are a huge target.
Here is a shortlist of the most common CMS: WordPress, Joomla, Shopify, Drupal, Magento, Typo3.
Practice
The use of a CMS on a web application is usually quite easy to spot with visual elements:
Credits at the bottom or corner of pages
HTTP headers
Common files (e.g. robots.txt, sitemap.xml)
Comments and metadata (HTML, CSS, JavaScript)
Stack traces and verbose error messages
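The sketch below is an added example, not code from the original page or from any of the tools it names. It checks a response for three of the indicators listed above (HTTP headers, robots.txt, HTML comments and metadata), so a site owner can see what their own pages disclose. The indicator tables and the sample response are constructed assumptions and are not exhaustive.

```python
import re
from collections import defaultdict

CMS_NAMES = ["WordPress", "Joomla", "Drupal", "TYPO3", "Magento", "Shopify"]
# Default admin paths commonly listed in a stock robots.txt (heuristic, assumed).
ROBOTS_PATHS = {"/wp-admin/": "WordPress", "/administrator/": "Joomla"}
GENERATOR_RE = re.compile(
    r'<meta\s+name=["\']generator["\']\s+content=["\']([^"\']+)', re.I)
COMMENT_RE = re.compile(r"<!--(.*?)-->", re.S)


def named_cms(text):
    """Return every CMS from CMS_NAMES mentioned in text (case-insensitive)."""
    return [n for n in CMS_NAMES if n.lower() in text.lower()]


def fingerprint(headers, html, robots):
    """Map each detected CMS to the sorted list of places that disclosed it."""
    evidence = defaultdict(set)
    for key, value in headers.items():
        if key.lower() in ("x-generator", "x-powered-by"):
            for cms in named_cms(value):
                evidence[cms].add(f"header {key}")
    for content in GENERATOR_RE.findall(html):
        for cms in named_cms(content):
            evidence[cms].add("meta generator")
    for comment in COMMENT_RE.findall(html):
        for cms in named_cms(comment):
            evidence[cms].add("html comment")
    for line in robots.splitlines():
        field, _, path = line.partition(":")
        if field.strip().lower() == "disallow":
            for prefix, cms in ROBOTS_PATHS.items():
                if path.strip().startswith(prefix):
                    evidence[cms].add(f"robots.txt {prefix}")
    return {cms: sorted(src) for cms, src in evidence.items()}


# Constructed sample response (not captured from a real site).
SAMPLE_HEADERS = {"Server": "nginx", "X-Powered-By": "PHP/8.2"}
SAMPLE_HTML = """<html><head>
<meta name="generator" content="WordPress 6.4.2">
<!-- Page cached by a WordPress plugin -->
</head><body>Hello</body></html>"""
SAMPLE_ROBOTS = "User-agent: *\nDisallow: /wp-admin/\nSitemap: https://example.test/sitemap.xml\n"

if __name__ == "__main__":
    for cms, sources in fingerprint(SAMPLE_HEADERS, SAMPLE_HTML, SAMPLE_ROBOTS).items():
        print(cms, "disclosed by:", ", ".join(sources))
```

Each source reported is a place where the disclosure can be removed or reduced, for example by dropping the generator meta tag or the version-bearing header.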
Automated scanning tools can also help identify which technologies are used, and whether known vulnerabilities may be present. Tools vary depending on the CMS technology to audit.
WPScan (Ruby) can be used for sites that use WordPress
droopescan (Python) supports Drupal, SilverStripe and WordPress and partially supports Joomla and Moodle.
Wappalyzer is a browser extension that can detect the use of certain software including CMS
Whatcms.org can help answer the question "What CMS is this site using?" but needs the target website to be accessible from the Internet.
For web applications built with WordPress, WPScan (Ruby) can be used to enumerate information and potential vulnerabilities. Apart from bruteforce and enumeration operations, WPScan doesn't implement exploits.