Plone is one of the most powerful and secure CMS that has been around for many years. Very few vulnerabilities exist for Plone, comparing to other major CMS, as we can see on the stats taken by the National Vulnerability Database and assembled on http://plone.org/products/plone/security/overview
But despite the fact that there aren't the hundreds of sql injections and XSS attacks that are disclosed every now and then for the big PHP based CMS, even the most secure system can be penetrated due to misconfigurations, use of weak passwords and if the admins never apply the patches released.
Plown has been developed during penetration tests on Plone sites and was used to ease the discovery of usernames and passwords, plus expose known Plone vulnerabilities that might exist on a system.
What Plown does
- Username enumeration
- Multithreading password cracking.You can specify the login url (if different that login_form) and the number of threads (16 default)
- Known vulnerability enumeration, based on urls/objects exposed. If found vulnerable, the tool informs about the vulnerability and the url of the patch
- Version enumeration is planned, based on md5 hashes of static content (css, js)
Plown is written on Python and the code is available on github
$ git clone https://github.com/unweb/plown
