50 lines
1.3 KiB
YAML
50 lines
1.3 KiB
YAML
id: wordpress-header-footer
|
|
|
|
info:
|
|
name: Head, Footer and Post Injections Detection
|
|
author: ricardomaia
|
|
severity: info
|
|
reference:
|
|
- https://wordpress.org/plugins/header-footer/
|
|
metadata:
|
|
max-request: 1
|
|
plugin_namespace: header-footer
|
|
wpscan: https://wpscan.com/plugin/header-footer
|
|
tags: tech,wordpress,wp-plugin,top-200
|
|
|
|
http:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/wp-content/plugins/header-footer/readme.txt"
|
|
|
|
payloads:
|
|
last_version: helpers/wordpress/plugins/header-footer.txt
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
internal: true
|
|
name: internal_detected_version
|
|
group: 1
|
|
regex:
|
|
- '(?i)Stable.tag:\s?([\w.]+)'
|
|
|
|
- type: regex
|
|
part: body
|
|
name: detected_version
|
|
group: 1
|
|
regex:
|
|
- '(?i)Stable.tag:\s?([\w.]+)'
|
|
|
|
matchers-condition: or
|
|
matchers:
|
|
- type: dsl
|
|
name: "outdated_version"
|
|
dsl:
|
|
- compare_versions(internal_detected_version, concat("< ", last_version))
|
|
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- '(?i)Stable.tag:\s?([\w.]+)'
|
|
# digest: 4a0a00473045022008c5182af358ccf96088e3adf6d986242f3fea210f8fdb14707c244246ea3833022100da7c9a4f055ea11b3020aa9e7f6c6c9286d9b07fa973c12f27ba87ca27092ac6:922c64590222798bb761d5b6d8e72950 |