Almost all of the open source tools currently available online use the same common technique to enumerate Drupal plugins, themes, and modules. For enumeration, we just have to look for the following files in the themes/, plugins/, and modules/ directories:
/README.txt
/LICENSE.txt
/CHANGELOG.txt
The README.txt file provides the plugin, theme, and module versions, and it also discloses the Drupal version number. The LICENSE.txt file contains the GNU General Public License (GPL). If any of the plugins/, themes/, or modules/ directories contains this file, the specific plugin, theme, or module is installed. The CHANGELOG.txt file discloses the version number of the installed plugin, theme, or module.
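Because this technique produces a recognizable request pattern, it can be spotted in web server access logs. The following Python sketch is an added example, not code from the book or from any tool it mentions: it flags clients that request these marker files for several different components and lists which requests returned 200, meaning the file is served and leaks the component and its version. The log lines, IP addresses, function name, and threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Common Log Format: client, identity, user, [timestamp], "request", status
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|HEAD) (\S+) [^"]*" (\d{3})')
# .../(modules|themes|plugins)/[subdirs/]<component>/<marker>.txt
PROBE_RE = re.compile(
    r'/(modules|themes|plugins)/(?:[^/?]+/)*?([^/?]+)/'
    r'(README|LICENSE|CHANGELOG)\.txt(?:\?|$)', re.IGNORECASE)

# Constructed sample access log (documentation IP ranges, made-up sizes).
TS = '[01/Jan/2024:10:00:00 +0000]'
SAMPLE_LOG = [
    f'203.0.113.7 - - {TS} "GET /sites/all/modules/views/README.txt HTTP/1.1" 200 512',
    f'203.0.113.7 - - {TS} "GET /sites/all/modules/ctools/LICENSE.txt HTTP/1.1" 200 18092',
    f'203.0.113.7 - - {TS} "GET /sites/all/modules/token/CHANGELOG.txt HTTP/1.1" 404 210',
    f'203.0.113.7 - - {TS} "GET /sites/all/themes/zen/README.txt HTTP/1.1" 404 210',
    f'198.51.100.20 - - {TS} "GET /sites/all/modules/views/README.txt HTTP/1.1" 200 512',
    f'198.51.100.20 - - {TS} "GET /node/1 HTTP/1.1" 200 4096',
]

def find_enumeration(lines, min_components=3):
    """Return {client: {"probed": set, "exposed": set}} for clients that asked
    for marker files of at least min_components distinct components."""
    seen = defaultdict(lambda: {"probed": set(), "exposed": set()})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a GET/HEAD line in the expected format
        client, path, status = m.groups()
        p = PROBE_RE.search(path)
        if not p:
            continue  # ordinary request, not a marker-file probe
        kind, name, marker = p.group(1).lower(), p.group(2), p.group(3).upper()
        seen[client]["probed"].add((kind, name))
        if status == "200":
            # The file is served: the component's presence and version are exposed.
            seen[client]["exposed"].add(f"{kind}/{name}/{marker}.txt")
    return {c: v for c, v in seen.items() if len(v["probed"]) >= min_components}

if __name__ == "__main__":
    for client, info in find_enumeration(SAMPLE_LOG).items():
        print(client, "probed", len(info["probed"]), "components;",
              "served:", sorted(info["exposed"]))
```

The paths listed under "served" are the ones to block or remove at the web server so that the files no longer disclose installed components and versions.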
The module name can be found either in the README.txt file or in the URL itself, as can be seen in the following screenshot:
For enumeration, we can either write our own Metasploit wrapper module or use a third-party, open source tool, droopescan. To code our own wrapper, we can follow what we did in the previous chapter, Chapter 8, Pentesting CMSes – WordPress. We will now proceed with vulnerability scanning using droopescan.