nuclei-templates/http/takeovers/uservoice-takeover.yaml

34 lines
852 B
YAML
Raw Permalink Normal View History

2022-08-27 02:18:39 +00:00
id: uservoice-takeover
info:
2022-08-27 15:58:37 +00:00
name: Uservoice Takeover Detection
2022-08-27 02:18:39 +00:00
author: MiryangJung
severity: high
2023-12-22 08:59:06 +00:00
description: Uservoice takeover was detected.
2022-08-27 02:18:39 +00:00
reference:
2022-12-06 18:23:33 +00:00
- https://github.com/EdOverflow/can-i-take-over-xyz/issues/163
- https://hackerone.com/reports/269109
metadata:
max-request: 1
2023-10-14 11:27:55 +00:00
tags: takeover,uservoice,hackerone
2022-08-27 02:18:39 +00:00
http:
2022-08-27 02:18:39 +00:00
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: and
2022-08-27 02:18:39 +00:00
matchers:
- type: dsl
dsl:
- Host != ip
2022-08-27 02:18:39 +00:00
- type: word
words:
- "This UserVoice subdomain is currently available!"
2024-07-10 11:31:30 +00:00
extractors:
- type: dsl
dsl:
- cname
# digest: 490a0046304402207d18cf1c003872034dc42a90718a321f4b9df43bd802847544542260a00dab00022079d7bd2aa1e38ebd91dfb0e0a06cf638e2bde1990f8ca5c346997e917c7ec759:922c64590222798bb761d5b6d8e72950