id: sitecore-version

info:
  name: Sitecore version detection
  author: bernardofsr
  severity: info
  reference:
    - https://www.cvedetails.com/vulnerability-list/vendor_id-9609/Sitecore.html
  metadata:
    max-request: 1
  tags: sitecore,tech

http:
  - method: GET
    path:
      - "{{BaseURL}}/sitecore/shell/sitecore.version.xml"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200

      - type: word
        words:
          - "Sitecore Corporation"
        part: body

    extractors:
      - type: regex
        group: 1
        regex:
          - "<major>([0-9]+)</major>"

      - type: regex
        group: 1
        regex:
          - "<minor>([0-9]+)</minor>"

      - type: regex
        group: 1
        regex:
          - "<build>([0-9]+)</build>"

      - type: regex
        group: 1
        regex:
          - "<revision>([0-9]+)</revision>"
# digest: 490a0046304402200daf2ee4a75a6c16d65fdf23cf8f841f8867a6ba1d5afb3b12fe8acb2f4034f602206db36b363964757c548ee6a6aef9877d39d6474f146e78cd4ebab728ac8d8d57:922c64590222798bb761d5b6d8e72950