nuclei-templates/miscellaneous/tabnabbing-check.yaml

25 lines
1.1 KiB
YAML
Raw Normal View History

2021-05-16 16:52:00 +00:00
id: tabnabbing-check
2020-10-19 10:41:25 +00:00
info:
2021-05-16 16:52:00 +00:00
name: Reverse Tabnabbing
2020-10-19 10:41:25 +00:00
author: bolli95
2021-05-16 16:52:00 +00:00
severity: info
tags: misc
2021-05-16 17:06:52 +00:00
reference: |
- https://owasp.org/www-community/attacks/Reverse_Tabnabbing
- https://www.youtube.com/watch?v=TMKZCHYmtD4
- https://hackerone.com/reports/211065
2020-10-19 10:41:25 +00:00
requests:
- method: GET
path:
- "{{BaseURL}}"
2021-05-16 16:52:00 +00:00
2020-10-19 10:41:25 +00:00
matchers-condition: and
matchers:
- type: dsl
dsl:
2020-10-19 10:55:41 +00:00
- 'regex("<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", replace_regex(replace_regex(body, "<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*(rel=\"noopener noreferrer\"|rel=\"noreferrer noopener\"|rel=\"noreferrer\"|rel=\"noopener\")[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", ""), "<a[A-z0-9\/\"\&\=\%\#\.\:\_\@\\\$ ]*(rel=\"noopener noreferrer\"|rel=\"noreferrer noopener\"|rel=\"noreferrer\"|rel=\"noopener\")[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*target\=\"_blank\"[A-z0-9\/\"\&\%\=\#\.\:\_\@\\\$ ]*>", "")) || regex("window\.open\\([^,]+\\)", body)'
2020-10-19 10:41:25 +00:00
- type: dsl
2020-10-19 11:06:30 +00:00
dsl:
2021-05-16 16:52:00 +00:00
- "!contains(tolower(all_headers), 'referrer-policy: no-referrer')"