Drupwn claims to provide an efficient way to gather drupal information.
Further explaination on blog post article
Supported tested version
- Drupal 7
- Drupal 8
Execution mode
Drupwn can be run, using two seperate modes which are enum and exploit. The enum mode allows performing enumerations whereas the exploit mode allows checking and exploiting CVEs.
Functionalities
Enum mode
- User enumeration
- Node enumeration
- Default files enumeration
- Module enumeration
- Theme enumeration
- Cookies support
- User-Agent support
- Basic authentication support
- Request delay
- Enumeration range
- Logging
Exploit mode
- Vulnerability checker
- CVE exploiter
Installation
pip3 install -r requirements.txt
Usage
python3 drupwn.py --help
Docker alternative
Official image
You can pull the official Drupwn image from the dockerhub registry using the following command:
docker pull immunit/drupwn
Build
To build the container, just use this command:
docker build -t drupwn .
Be patient, the process can be quite long the first time.
Run
Once the build process is over, get and enjoy your new Drupal scanner
docker run --rm -it drupwn --help
Logging
The output generated is stored in the /tmp/ folder. When using docker, run your container using the following option
-v YOUR_PATH_FOLDER:/tmp/
Enhancement
To add a new module, follow the template used in the User.py file. Then, add a reference in the Parser as well as in the Dispatcher in order to ensure its support by the reflective factory.
Disclaimer of Warranty
Drupwn is provided under this License on an "as is" basis, without warranty of any kind, either expressed, implied, or statutory, including, without limitation, warranties that the Drupwn is free of defects, merchantable, fit for a particular purpose or non-infringing.
Disclaimer
Running Drupwn against websites without prior mutual consent may be illegal in your country. The ImmunIT Team accept no liability and are not responsible for any misuse or damage caused by Drupwn.