DPScan Drupal Security Scanner Tutorial

There are different CMS (content management system) are available like wordpress, Joomla, light CMS and Drupal. Security of each CMS is very important and as a penetration tester point we need to make a website secure by doing a penetration testing on it. There are different tools are available to enumerate into wordpress and joomla and to find the known vulnerabilities in wordpress and joomla but there is no tool for other common content management system like drupal.

Ali Elouafiq has released a wonderful tool to enumerate into drupal based CMS, this is the simple python script and anyone can easily use it. This tutorial will show you how DPScan enumerate the modules used by the drupal CMS.

First of all go and download DPScan, I am using backtrack 5 R1 machine for this tutorial that has python by default but if you are using some other operating system like Windows and other Linux distribution then install python first.

Open your terminal and then locate the directory where you have download the python script of DPScan, remember you can copy the script and then paste in your word editor then save it to whatever.py

The best practice is to download and then unzip the script, I have downloaded and unzip the script in my desktop and then locate the desktop is the terminal then the command is like this:

[email protected]:~/Desktop# python DPScan.py
DRUPAL Modules Enumerator v0.1beta– written by Ali Elouafiq 2012
<ScriptName> [filename.txt]
<ScriptName> [URL]
<ScriptName> [URL] user password // FOR HTTP AUTHORIZATION

A simple enumeration


[email protected]:~/Desktop# python DPScan.py www.mtv.co.uk
node
user_optin
fckeditor
system
gsa
mtv_videobrowse
nice_menus
user
cck
top_tabs
panels
jquery_update
[email protected]:~/Desktop#


Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.
Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

How to Install Kali Linux on VirtualBox [Windows Host] in 2020

Kali Linux is a Debian based Linux distribution, released on the 13th March 2013 as a complete rebuild of BackTrack Linux. It is one of...

Acunetix v13 Release Introduces Groundbreaking Innovations

The newest release of the Acunetix Web Vulnerability Scanner further improves performance and premieres best-of-breed technologies London, United Kingdom – February 5, 2019 – Acunetix,...

What is Ethical Hacking, how to be an Ethical Hacker

Hacking is the process of discovering vulnerabilities in a system and using these found vulnerabilities by gaining unauthorized access into the system to perform...

Basic steps to ensure security Online!

Security concerns are growing day by day due to the growing interconnectivity and technology. Drastic things can happen if you be a little careless...