# Attention
项目正在重构中:[cmsPoc 2.0](https://github.com/CHYbeta/cmsPoc/tree/2.0)
注意:2.0版本的poc库还未更新相应接口,无法调用。若需使用,建议先使用1.0版本。
# cmsPoc 1.0
[](https://www.python.org/)
## Requirements
- python2.7
- Works on Linux, Windows
## Usage
```
usage: cmspoc.py [-h]
-t TYPE -s SCRIPT -u URL
optional arguments:
-h, --help show this help message and exit
-t TYPE, --type TYPE e.g.,phpcms
-s SCRIPT, --script SCRIPT
Select script
-u URL, --url URL Input a target url
```
参数说明:
- -t:指定cms的类型,比如 -t beecms
- -s:指定要载入的POC脚本,比如 -s v40_fileupload_getshell
- -u:指定目标cms,比如 -u http://vuln/index.php
## Script
完整脚本列表请见:[cmsPoc-Wiki:Scripts](https://github.com/CHYbeta/cmsPoc/wiki/Scripts)
For a complete script list,you can see here: [cmsPoc-Wiki:Scripts](https://github.com/CHYbeta/cmsPoc/wiki/Scripts)
## Examples
```
python cmspoc.py -u http://127.0.0.1/beecms/inex.php -t beecms -s v40_fileupload_getshell
```
# Legal Disclaimer
本项目仅供教育和学习交流使用,请勿用于非法用途恶意攻击,否则后果作者概不负责。
This project is made for educational and ethical testing purposes only。It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program.
CMS渗透测试框架-A CMS Exploit Framework.zip (60个子文件) 
lib 
__init__.py 0B controllor __init__.py 0B init.py 400B task.py 1KB controllor.py 362B parse __init__.py 0B cmdline.py 336B core __init__.py 0B init.py 400B datatype.py 2KB setting.py 833B common.py 65B data.py 76B plugin __init__.py 0B other __init__.py 0B findweb.py 319B crypto __init__.py 0B authcode.py 2KB pic 
pic.png 76B 1.png 225B
标签.txt 50B data user-Agent 383KB cmspoc.py 845B
example.gif 59KB 资源内容.txt 700B .gitignore 5B README.md 2KB scripts __init__.py 0B zzcms v81_sqlinject_getpasswd.py 844B tpshop v208_preview_getshell.py 1KB v208_fileupload_getshell.py 752B axublog v106_sqlinject_getadmin.py 899B v106_sqlinject_getpasswd.py 1KB discuz v34_delete_arbitrary_files.py 2KB appcms v20101_backdoor_getshell.py 1KB icms __init__.py 0B v701_sqlinject_getadmin.py 1KB exponent v239_install_getshell.py 1KB v238_fileupload_getshell.py 2KB fiyocms v207_fileread_getconfig.py 706B v207_fileupload_getshell.py 1KB joomla v370_sqlinject_getuser.py 888B duomicms v132_sqlinject_getpasswd.py 1011B v132_eval_getshell.py 750B easycms v11_sqlinject_getpasswd.py 1KB seacms v655_eval_getshell.py 1000B v645_eval_getshell.py 876B v654_eval_getshell.py 980B opensns v280_fileupload_getshell.py 1KB drupal v833_yamlseria_getphpinfo.py 2KB phpok v47_fileupload_getshell.py 2KB siteserver v364_unauth_getpasswd.py 2KB iwebshop v46_sqlinject_getpasswd.py 952B phpcms v960_fileupload_getshell.py 28B __init__.py 0B v960_sqlinject_getpasswd.py 2KB niushop v111_fileupload_getshell.py 1KB beecms __init__.py 0B v40_fileupload_getshell.py 2KB semcms v23_sqlinject_getadmin.py 720B资源评论
