Merge pull request #5753 from daffainfo/patch-32

fix: false negative wordpress template
2022-10-25 11:43:40 +05:30 · 2022-10-25 11:43:40 +05:30 · beb5c7a8e8
parent 9eeea93873 1920b0bc38
commit beb5c7a8e8
1 changed files with 17 additions and 8 deletions
--- a/technologies/wordpress-detect.yaml
+++ b/technologies/wordpress-detect.yaml
@ -1,23 +1,24 @@
 id: wordpress-detect

 info:
-  name: WordPress Detection
-  author: pdteam
+  name: WordPress Detect
+  author: pdteam,daffainfo
  severity: info
  metadata:
+    verified: true
    shodan-query: http.component:"WordPress"
-  tags: tech,wordpress
+  tags: tech,wordpress,cms,wp

 requests:
  - method: GET
    path:
-      - "{{BaseURL}}"
+      - '{{BaseURL}}'
+      - '{{BaseURL}}/feed/'
+      - '{{BaseURL}}/?feed=rss2' #alternative if /feed/ is blocked

-    host-redirects: true
-    max-redirects: 2
+    stop-at-first-match: true
    matchers-condition: or
    matchers:
-
      - type: regex
        regex:
          - '<link[^>]+s\d+\.wp\.com'
@ -25,6 +26,14 @@ requests:
          - '<!--[^>]+WP-Super-Cache'
        condition: or

+      - type: word
+        part: body
+        words:
+          - '<generator>'
+          - '<link>'
+          - '<title>'
+        condition: and
+
      - type: word
        words:
          - 'wp-login.php'
@ -38,4 +47,4 @@ requests:
      - type: regex
        group: 1
        regex:
-          - 'content="WordPress ([0-9.]+)"'
+          - '(?m)https:\/\/wordpress.org\/\?v=([0-9.]+)'