2022-09-02 01:28:12 +05:30
|
|
|
id: drupal-detect
|
2022-08-25 20:37:56 +03:00
|
|
|
|
|
|
|
|
info:
|
2025-01-30 13:22:11 +05:30
|
|
|
name: Drupal - Detect
|
2025-01-30 13:24:48 +05:30
|
|
|
author: 1nf1n7y,pathtaga
|
2022-08-25 20:37:56 +03:00
|
|
|
severity: info
|
2024-09-10 14:38:16 +05:30
|
|
|
classification:
|
2025-01-30 13:24:48 +05:30
|
|
|
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
|
|
|
|
cwe-id: CWE-200
|
2024-09-10 14:38:16 +05:30
|
|
|
cpe: cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*
|
2022-08-25 20:37:56 +03:00
|
|
|
metadata:
|
2022-08-26 10:59:08 +05:30
|
|
|
verified: true
|
2025-01-30 13:24:48 +05:30
|
|
|
max-request: 4
|
2024-09-10 13:52:50 +05:30
|
|
|
vendor: drupal
|
2024-09-10 14:38:16 +05:30
|
|
|
product: drupal
|
2025-01-30 13:24:48 +05:30
|
|
|
shodan-query:
|
|
|
|
|
- http.component:"drupal"
|
|
|
|
|
- cpe:"cpe:2.3:a:drupal:drupal"
|
2022-08-25 20:37:56 +03:00
|
|
|
tags: tech,drupal
|
|
|
|
|
|
2023-04-27 09:58:59 +05:30
|
|
|
http:
|
2022-08-25 20:37:56 +03:00
|
|
|
- method: GET
|
|
|
|
|
path:
|
2022-09-02 01:28:12 +05:30
|
|
|
- "{{BaseURL}}"
|
2022-08-25 20:37:56 +03:00
|
|
|
- "{{BaseURL}}/CHANGELOG.txt"
|
2023-08-17 12:11:14 +02:00
|
|
|
- "{{BaseURL}}/core/install.php"
|
2025-01-30 13:22:11 +05:30
|
|
|
- "{{BaseURL}}/user/login"
|
2022-08-25 20:37:56 +03:00
|
|
|
|
2025-01-30 13:22:11 +05:30
|
|
|
stop-at-first-match: true
|
2022-09-02 01:28:12 +05:30
|
|
|
matchers-condition: or
|
2022-08-25 20:37:56 +03:00
|
|
|
matchers:
|
|
|
|
|
- type: word
|
2022-08-26 10:59:08 +05:30
|
|
|
part: body
|
2022-08-25 20:37:56 +03:00
|
|
|
words:
|
2022-08-26 10:59:08 +05:30
|
|
|
- 'Initial release'
|
|
|
|
|
- 'Drupal 1.0.0'
|
|
|
|
|
condition: and
|
|
|
|
|
|
2022-09-02 01:28:12 +05:30
|
|
|
- type: word
|
|
|
|
|
part: body
|
|
|
|
|
words:
|
|
|
|
|
- 'content="Drupal'
|
2023-08-17 12:11:14 +02:00
|
|
|
|
2025-01-30 13:22:11 +05:30
|
|
|
- type: regex
|
|
|
|
|
part: header
|
|
|
|
|
regex:
|
|
|
|
|
- '(?i)x-drupal'
|
|
|
|
|
- "(?i)x-generator: drupal"
|
|
|
|
|
condition: or
|
|
|
|
|
|
2023-08-17 12:11:14 +02:00
|
|
|
extractors:
|
|
|
|
|
- type: regex
|
|
|
|
|
part: body
|
|
|
|
|
name: version_by_install
|
|
|
|
|
group: 1
|
|
|
|
|
regex:
|
2023-10-14 16:57:55 +05:30
|
|
|
- 'class="site-version">([0-9.x-]+)'
|
2025-01-30 13:03:53 +00:00
|
|
|
# digest: 4a0a0047304502204b8db21a61d4b068c5516548ab7c78857c358a3c740b002ff0b1e5d9921c6b5c0221009d21f2c0e5cc32167e8f4991987a7af56605b57b7e3db510117c77851ecc5729:922c64590222798bb761d5b6d8e72950
|
