adobe-coldfusion-detector-4.yaml

id: adobe-coldfusion-detector 4

info:
  name: Adobe ColdFusion Detector
  author: philippedelteil
  severity: info
  description: With this template we can detect the version number of Coldfusion instances based on their logos.
  tags: adobe,coldfusion

requests:
  - payloads:
      Subdomains: /home/mahmoud/Wordlist/AllSubdomains.txt
    attack: sniper
    threads: 100

    raw:
      - |
        GET /cfide/administrator/images/background.jpg HTTP/1.1
        Host: {{Subdomains}}
        User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:68.0) Gecko/20100101 Firefox/68.0
        Accept-Encoding: gzip, deflate
        Accept: */*
        
    matchers-condition: or
    matchers:
      - type: dsl
        name: "coldfusion-8"
        dsl:
          - "status_code==200 && (\"da07693b70ddbac5bc0d8bf98d4a3539\" == md5(body))"

      - type: dsl
        name: "coldfusion-9"
        dsl:
          - "status_code==200 && (\"c0757351b00f7ecf35a035c976068d12\" == md5(body))"

      - type: dsl
        name: "coldfusion-10"
        dsl:
          - "status_code==200 && (\"a4c81b7a6289b2fc9b36848fa0cae83c\" == md5(body))"

      - type: dsl
        name: "coldfusion-11"
        dsl:
          - "status_code==200 && (\"7f024de9f480481ca03049e0d66679d6\" == md5(body))"

      - type: dsl
        name: "coldfusion-2016"
        dsl:
          - "status_code==200 && (\"f1281b6866aef66e35dc36fe4f0bf990\" == md5(body))"

      - type: dsl
        name: "coldfusion-2021"
        dsl:
          - "status_code==200 && (\"a88530d7f1980412dac076de732a4e86\" == md5(body))"

      - type: dsl
        name: "coldfusion-2018"
        dsl:
          - "status_code==200 && (\"92ef6ee3c4d1700e3cca797b19d3e7ba\" == md5(body))"

      - type: dsl
        name: "coldfusion-mx-7"
        dsl:
          - "status_code==200 && (\"cb594e69af5ba15bca453f76aca53615\" == md5(body))"