Home

Awesome

c5scan (unmaintained)

Vulnerability scanner and information gatherer for the Concrete5 CMS. Is a little out of date presently pending a refactor.

Use

python c5scan.py -u <url> (-r)

-u   --url      Insert your target URL here
-r   --robots   If found, print contents of robots.txt

Dependencies

pip install httplib2 requests

Example

$ python c5scan.py -u localhost -r

**********************************************************
*                      ~ C5scan ~                        *
* A vulnerability and information gatherer for concrete5 *
*                auraltension@riseup.net                 *
**********************************************************

No http:// or https:// provided. Trying http://
URL: http://localhost/

[+] Discovered version 5.6.2.1 from meta 'generator' tag
[+] Interesting header: server: Apache/2.2.14 (Ubuntu)
[+] Interesting header: x-powered-by: PHP/5.3.2-1ubuntu4.24
[+] robots.txt found at  http://localhost/robots.txt
User-agent: *
Disallow: /blocks 
Disallow: /concrete 
Disallow: /config 
Disallow: /controllers 
Disallow: /css 
Disallow: /elements 
Disallow: /helpers 
Disallow: /jobs 
Disallow: /js 
Disallow: /languages 
Disallow: /libraries 
Disallow: /mail 
Disallow: /models 
Disallow: /packages 
Disallow: /single_pages 
Disallow: /themes 
Disallow: /tools
Disallow: /updates

Enumerating updates in /updates/
[+] Update version 5.5.2.1 exists
[+] Update version 5.6.2.1 exists

Looking for Readme files
[+] Found a readme at:  http://localhost/concrete/libraries/3rdparty/adodb/readme.txt
[+] Found a readme at:  http://localhost/concrete/libraries/3rdparty/adodb/docs/docs-adodb.htm
[+] Found a readme at:  http://localhost/concrete/blocks/video/README
[+] Found a readme at:  http://localhost/concrete/libraries/3rdparty/StandardAnalyzer/Readme.txt
[+] Found a readme at:  http://localhost/concrete/libraries/3rdparty/securimage/README.txt

Checking for known vulnerabilities in updates
[+] A known vulnerability exists for 5.6.2.1:
SQL Injection in index.php cID param
http://www.exploit-db.com/exploits/31735/

Checking for known vulnerabilities in current version
[+] A known vulnerability exists for 5.6.2.1:
SQL Injection in index.php cID param
http://www.exploit-db.com/exploits/31735/

Finished.