nuclei-templates/http/takeovers/meteor-takeover.yaml

29 lines
789 B
YAML
Raw Permalink Normal View History

id: meteor-takeover
info:
name: Meteor subdomain takeover
author: rivalsec
severity: high
2023-12-22 08:59:06 +00:00
description: Meteor takeover was detected.
reference:
- https://rivalsec.github.io/blog/2022/12/02/meteor.html
- https://github.com/EdOverflow/can-i-take-over-xyz/issues/321
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: takeover,meteor
http:
- method: GET
path:
- "{{BaseURL}}"
matchers:
- type: word
words:
- "404 Not Found: No applications registered for host '"
2024-07-10 11:31:30 +00:00
extractors:
- type: dsl
dsl:
- "resolve(Host, 'cname')"
# digest: 4b0a00483046022100dd786b650d96f7b610f6fabb775fb0a1bdbdc399098915fed785dc96c4096290022100efa3ad374411b3b54f0901c2147f72f158c6e217fcf25d1ecc77b2ad9a38a28f:922c64590222798bb761d5b6d8e72950