Create optimizely-cms-dotnet-exposure.yaml

2026-01-31 15:53:33 +08:00 · 2025-12-05 07:30:56 +09:00
parent c6f8792686
commit ac529a21f5
1 changed files with 42 additions and 0 deletions
--- a/http/technologies/optimizely-cms-dotnet-exposure.yaml
+++ b/http/technologies/optimizely-cms-dotnet-exposure.yaml
@@ -0,0 +1,42 @@
+id: optimizely-cms-dotnet-exposure
+
+info:
+  name: Optimizely CMS Episerver - .NET Version Exposure
+  author: 0x_Akoko
+  severity: info
+  description: |
+    Detected Optimizely CMS (previously Episerver) running on .NET, exposing platform information through headers.
+  reference:
+    - https://docs.developers.optimizely.com/
+    - https://world.optimizely.com/
+  classification:
+    cwe-id: CWE-200
+  metadata:
+    verified: true
+    max-request: 2
+    shodan-query: http.html:"episerver"
+    fofa-query: body="episerver"
+  tags: tech,optimizely,episerver,cms,dotnet,exposure
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/EPiServer/CMS"
+      - "{{BaseURL}}/episerver/cms"
+
+    stop-at-first-match: true
+    matchers:
+      - type: regex
+        part: header
+        regex:
+          - '(?i)X-AspNet-Version:\s*[\d.]+'
+          - '(?i)X-AspNetMvc-Version:\s*[\d.]+'
+        condition: or
+
+    extractors:
+      - type: regex
+        part: header
+        group: 1
+        regex:
+          - '(?i)X-AspNet-Version:\s*([\d.]+)'
+          - '(?i)X-AspNetMvc-Version:\s*([\d.]+)'