Drupwn

Drupwn claims to provide an efficient way to gather Drupal information. It is a python script, following a modular architecture for maintenance and enhancement purposes, which allows enumerating various kind of information that could be valuable to any security assessment against such platform.

It can be run, using two separate modes which are enum and exploit. The enum mode allows performing enumerations whereas the exploit mode allows checking and exploiting CVEs.

Supported tested version

• Drupal 7
• Drupal 8

Functionalities

Enum mode

• User enumeration
• Node enumeration
• Default files enumeration
• Module enumeration
• Theme enumeration
• Cookies support
• User-Agent support
• Basic authentication support
• Request delay
• Enumeration range
• Logging
• Socks and HTTP proxy support

Exploit mode

• Vulnerability checker
• CVE exploiter

Changelog

[1.0.4] [2020-05-12]

Added

• Added –update option to fetch the list of new modules and themes from git.drupalcode.org
• Custom modules detection

Installation

git clone https://github.com/immunIT/drupwn.git

pip3 install -r requirements.txt

Usage

usage: drupwn.py [-h] [–fingerprinting] [–users] [–nodes] [–modules]
[–dfiles] [–themes] [–cookies COOKIES] [–thread THREAD]
[–range RANGE] [–ua UA] [–bauth BAUTH] [–delay DELAY]
[–log]
target

optional arguments:
-h, –help show this help message and exit
–fingerprinting Drupal version
–users user enumaration
–nodes node enumeration
–modules module enumeration
–dfiles default files enumeration
–themes theme enumeration
–cookies COOKIES cookies
–thread THREAD threads number
–range RANGE enumeration range
–ua UA User Agent
–bauth BAUTH Basic authentication
–delay DELAY request delay
–log file logging

Demo

Copyright (C) 2018 immunIT

Source: https://github.com/immunIT/