2022-12-06 03:47:19 +00:00
|
|
|
id: meteor-takeover
|
2022-12-03 13:57:17 +00:00
|
|
|
|
|
|
|
|
info:
|
|
|
|
|
name: Meteor subdomain takeover
|
|
|
|
|
author: rivalsec
|
|
|
|
|
severity: high
|
2023-12-22 08:59:06 +00:00
|
|
|
description: Meteor takeover was detected.
|
2022-12-03 13:57:17 +00:00
|
|
|
reference:
|
|
|
|
|
- https://rivalsec.github.io/blog/2022/12/02/meteor.html
|
|
|
|
|
- https://github.com/EdOverflow/can-i-take-over-xyz/issues/321
|
2023-04-28 08:11:21 +00:00
|
|
|
metadata:
|
|
|
|
|
max-request: 1
|
2023-10-14 11:27:55 +00:00
|
|
|
tags: takeover,meteor
|
2022-12-03 13:57:17 +00:00
|
|
|
|
2023-04-27 04:28:59 +00:00
|
|
|
http:
|
2022-12-03 13:57:17 +00:00
|
|
|
- method: GET
|
|
|
|
|
path:
|
|
|
|
|
- "{{BaseURL}}"
|
|
|
|
|
|
|
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
words:
|
|
|
|
|
- "404 Not Found: No applications registered for host '"
|
2024-07-10 11:31:30 +00:00
|
|
|
|
2024-07-08 12:16:52 +00:00
|
|
|
extractors:
|
|
|
|
|
- type: dsl
|
|
|
|
|
dsl:
|
2024-07-17 14:38:10 +00:00
|
|
|
- cname
|
2024-07-17 14:40:22 +00:00
|
|
|
# digest: 490a00463044022044e9dd247d96539bc796b57ad5f64b0c1dd8e55d81a8ee635133e6ad4858151e02203b6b9c51a9381dcd8ca483156058b271dfe2d77376bcf31c526e03f380e4ac93:922c64590222798bb761d5b6d8e72950
|
