Merge pull request #168 from h4ckzard/master

Several fixes and innovations

cmseekdb/cmss.py

@@ -20,6 +20,13 @@
     'deeps':'1'
 }
 
+tilda = {
+    'name':'Tilda CMS',
+    'url':'https://tilda.cc/',
+    'vd':'0',
+    'deeps':'0'
+}
+
 mg = {
     'name':'Magento',
     'url':'https://magento.com',
@@ -83,6 +90,13 @@
     'deeps':'0'
 }
 
+zyro = {
+    'name':'Zyro',
+    'url':'https://zyro.com/',
+    'vd':'0',
+    'deeps':'0'
+}
+
 bolt = {
     'name':'Bolt',
     'url':'https://bolt.com',
@@ -285,12 +299,24 @@
     'vd':'0',
     'deeps':'0'
 }
+dle = {
+    'name':'DataLife Engine',
+    'url':'https://dle-news.com',
+    'vd':'0',
+    'deeps':'0'
+}
 spity = {
     'name':'Serendipity',
     'url':'https://docs.s9y.org/',
     'vd':'1',
     'deeps':'0'
 }
+rcube = {
+    'name':'RoundCube Webmail',
+    'url':'https://roundcube.net/',
+    'vd':'0',
+    'deeps':'0'
+}
 slcms = {
     'name':'SeamlessCMS',
     'url':'https://www.seamlesscms.com/',

cmseekdb/core.py

@@ -20,6 +20,7 @@
 import cmseekdb.sc as source # Contains function to detect cms from source code
 import cmseekdb.header as header # Contains function to detect CMS from gathered http headers
 import cmseekdb.cmss as cmsdb # Contains basic info about the CMSs
+import cmseekdb.dirscheck as dirscheck # Containts function to detect CMS by directory checks
 import cmseekdb.robots as robots
 import cmseekdb.generator as generator
 import cmseekdb.result as result
@@ -81,13 +82,15 @@ def main_proc(site,cua):
     detection_method = '' # ^
     ga = '0' # is generator available
     ga_content = '' # Generator content
+
+    #print(scode)
 
     ## Parse generator meta tag
     parse_generator = generator.parse(scode)
     ga = parse_generator[0]
     ga_content = parse_generator[1]
 
-    cmseek.statement("Using headers to detect CMS (Stage 1 of 4)")
+    cmseek.statement("Using headers to detect CMS (Stage 1 of 5)")
     header_detection = header.check(headers)
 
     if header_detection[0] == '1':
@@ -98,18 +101,18 @@ def main_proc(site,cua):
     if cms_detected == '0':
         if ga == '1':
             # cms detection via generator
-            cmseek.statement("Using Generator meta tag to detect CMS (Stage 2 of 4)")
+            cmseek.statement("Using Generator meta tag to detect CMS (Stage 2 of 5)")
             gen_detection = generator.scan(ga_content)
             if gen_detection[0] == '1':
                 detection_method = 'generator'
                 cms = gen_detection[1]
                 cms_detected = '1'
         else:
-            cmseek.statement('Skipping stage 2 of 4: No Generator meta tag found')
+            cmseek.statement('Skipping stage 2 of 5: No Generator meta tag found')
 
     if cms_detected == '0':
         # Check cms using source code
-        cmseek.statement("Using source code to detect CMS (Stage 3 of 4)")
+        cmseek.statement("Using source code to detect CMS (Stage 3 of 5)")
         source_check = source.check(scode, site)
         if source_check[0] == '1':
             detection_method = 'source'
@@ -118,12 +121,21 @@ def main_proc(site,cua):
 
     if cms_detected == '0':
         # Check cms using robots.txt
-        cmseek.statement("Using robots.txt to detect CMS (Stage 4 of 4)")
+        cmseek.statement("Using robots.txt to detect CMS (Stage 4 of 5)")
         robots_check = robots.check(site, cua)
         if robots_check[0] == '1':
             detection_method = 'robots'
             cms = robots_check[1]
             cms_detected = '1'
+
+    if cms_detected == '0':
+        # Check cms using directory checks
+        cmseek.statement("Using directories to detect CMS (Stage 5 of 5)")
+        dirs_check = dirscheck.check(site, cua)
+        if dirs_check[0] == '1':
+            detection_method = 'dirscheck'
+            cms = dirs_check[1]
+            cms_detected = '1'
 
     if cms_detected == '1':
         cmseek.success('CMS Detected, CMS ID: ' + cmseek.bold + cmseek.fgreen + cms + cmseek.cln + ', Detection method: ' + cmseek.bold + cmseek.lblue + detection_method + cmseek.cln)

cmseekdb/dirscheck.py

@@ -0,0 +1,56 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+# This is a part of CMSeeK, check the LICENSE file for more information
+# Copyright (c) 2023 hackzard
+
+# Detect cms using directory (modules) checks
+# Rev 1
+import re
+import cmseekdb.basic as cmseek
+def check(url, ua):
+    directories = ["/manager/", "/admin/", "/about/"]
+    # check for modules directory
+    for directory in directories:
+            directory = url.rstrip('/') + directory
+            page_source = cmseek.getsource(directory, ua)
+            if page_source[0] == '1' and page_source[1] != '':
+                # Check begins here
+                page_content = page_source[1]
+                #### START DETECTION FROM HERE
+                ## || <- if either of it matches cms detected
+                ## :::: <- all the strings has to match (implemented to decrease false positives)
+                directory_detection_keys = [
+                'http://modx.com||MODX CMF Manager Login||/MODxRE/:-modx',
+                'SilverStripe:-sst',
+                'bitrix||Bitrix:-bitrix'
+                ]
+                for detection_key in directory_detection_keys:
+                    if ':-' in detection_key:
+                        detection_array = detection_key.split(':-')
+                        if '||' in detection_array[0]:
+                            detection_strings = detection_array[0].split('||')
+                            for detection_string in detection_strings:
+                                if detection_string in page_content and detection_array[1] not in cmseek.ignore_cms:
+                                    if cmseek.strict_cms == [] or detection_array[1] in cmseek.strict_cms:
+                                        return ['1', detection_array[1]]
+                        elif '::::' in detection_array[0]:
+                            match_status = '0' # 0 = neutral, 1 = passed, 2 = failed
+                            match_strings = detection_array[0].split('::::')
+                            for match_string in match_strings:
+                                if match_status == '0' or match_status == '1':
+                                    if match_string in page_content:
+                                        match_status = '1'
+                                    else:
+                                        match_status = '2'
+                                else:
+                                    match_status = '2'
+                            if match_status == '1' and detection_array[1] not in cmseek.ignore_cms:
+                                if cmseek.strict_cms == [] or detection_array[1] in cmseek.strict_cms:
+                                    return ['1', detection_array[1]]
+                        else:
+                            if detection_array[0] in page_content and detection_array[1] not in cmseek.ignore_cms:
+                                if cmseek.strict_cms == [] or detection_array[1] in cmseek.strict_cms:
+                                    return ['1', detection_array[1]]
+    else:
+        cmseek.error('Unable to detect CMS even by directory (modules) checks!')
+        return ['0','']

cmseekdb/generator.py

@@ -59,6 +59,7 @@ def scan(content):
                 'tiki wiki cms groupware||http://tiki.org:-tiki',
                 'snews:-snews',
                 'silverstripe:-sst',
+                'umi:-umi',
                 'silva:-silva',
                 'serendipity:-spity',
                 'seamless.cms.webgui:-slcms',
@@ -94,6 +95,7 @@ def scan(content):
                 'cotonti:-coton',
                 'orchard:-orchd',
                 'contentbox:-cbox',
+                'DataLife Engine:-dle',
                 'contensis cms:-cntsis',
                 'contenido:-cnido',
                 'contao:-contao',

cmseekdb/header.py

@@ -37,6 +37,7 @@ def check(hstring):
         'X-Powered-By: pimcore:-pcore',
         'x-powered-by: PencilBlue:-pblue',
         'x-powered-by: Ophal:-ophal',
+        'x-powered-by: Zyro.com:-zyro',
         'Server: OpenCms:-ocms',
         'X-Odoo-:-odoo',
         'X-SharePointHealthScore||SPIisLatency||SPRequestGuid||MicrosoftSharePointTeamServices||SPRequestDuration:-share',

cmseekdb/robots.py

@@ -8,7 +8,7 @@
 import re
 import cmseekdb.basic as cmseek
 def check(url, ua):
-    robots = url + '/robots.txt'
+    robots = url.rstrip('/') + '/robots.txt'
     robots_source = cmseek.getsource(robots, ua)
     # print(robots_source[1])
     if robots_source[0] == '1' and robots_source[1] != '':
@@ -23,6 +23,8 @@ def check(url, ua):
         'Disallow: /wp-admin/||Allow: /wp-admin/admin-ajax.php:-wp',
         'Disallow: /kernel/::::Disallow: /language/::::Disallow: /templates_c/:-xoops',
         'Disallow: /textpattern:-tpc',
+        'Disallow: /adminzone/:-umi',
+        'Disallow: /tilda:-tilda',
         'Disallow: /sitecore||Disallow: /sitecore_files||Disallow: /sitecore modules:-score',
         'Disallow: /phpcms||robots.txt for PHPCMS:-phpc',
         'Disallow: /*mt-content*||Disallow: /mt-includes/:-moto',
@@ -33,6 +35,7 @@ def check(url, ua):
         'Disallow: /plus/ad_js.php||Disallow: /plus/erraddsave.php||Disallow: /plus/posttocar.php||Disallow: /plus/disdls.php||Disallow: /plus/mytag_js.php||Disallow: /plus/stow.php:-dede',
         'modules/contentbox/themes/:-cbox',
         'Disallow: /contao/:-contao',
+        "Disallow: /bitrix/:-bitrix",
         'Disallow: /concrete:-con5',
         'Disallow: /auth/cas::::Disallow: /auth/cas/callback:-dscrs',
         'uc_client::::uc_server::::forum.php?mod=redirect*:-discuz',

cmseekdb/sc.py

@@ -29,6 +29,7 @@ def check(page_source_code, site): ## Check if no generator meta tag available
         "css/joomla.css:-joom",
         "Powered By <a href=\"http://www.opencart.com\">OpenCart||\"catalog/view/javascript/jquery/swiper/css/opencart.css\"||index.php?route=:-oc",
         "/xoops.js||xoops_redirect:-xoops",
+	"tildacdn.com:-tilda",
         "Wolf Default RSS Feed:-wolf",
         "/ushahidi.js||alt=\"Ushahidi\":-ushahidi",
         "getWebguiProperty:-wgui",
@@ -39,18 +40,23 @@ def check(page_source_code, site): ## Check if no generator meta tag available
         "content=\"sNews:-snews",
         "/api/sitecore/:-score",
         "simsite/:-sim",
-        "simplebo.net/ ||\"pswp__:-spb",
+        "simplebo.net/:-spb",
         "/silvatheme:-silva",
         "serendipityQuickSearchTermField ||\"serendipity_||serendipity[:-spity",
         "Published by Seamless.CMS.WebUI:-slcms",
         "rock-config-trigger||rock-config-cancel-trigger:-rock",
         "/rcms-f-production.:-rcms",
         "CMS by Quick.Cms:-quick",
+        "Powered by Quick.Cart:-quick",
+        "DataLife Engine||dle_js.js:-dle",
+        "Roundcube Webmail||rcube_webmail:-rcube",
+        "bitrix||Bitrix:-bitrix", # your Captain Obvious
         "\"pimcore_:-pcore",
         "xmlns:perc||cm/css/perc_decoration.css:-percms",
         "PencilBlueController||\"pencilblueApp\":-pblue",
         "/libraries/ophal.js:-ophal",
         "Sitefinity/WebsiteTemplates:-sfy",
+        "assets.zyrosite.com:-zyro",
         "published by Open Text Web Solutions:-otwsm",
         "/opencms/export/:-ocms",
         "odoo.session_info||var odoo =:-odoo",