Merge pull request #5502 from davidmckennirey/flywheel-takeover-update

update flywheel takeover template to reflect new language
2022-10-14 19:52:11 +05:30 · 2022-10-14 19:52:11 +05:30 · 1de8164930
parent df0972b0f9 e0293c5a9c
commit 1de8164930
1 changed files with 12 additions and 1 deletions
--- a/takeovers/flywheel-takeover.yaml
+++ b/takeovers/flywheel-takeover.yaml
@ -6,15 +6,26 @@ info:
  severity: high
  reference:
    - https://smaranchand.com.np/2021/06/flywheel-subdomain-takeover
-  tags: takeover
+  metadata:
+    verified: true
+    shodan-query: http.html:"Flywheel"
+  tags: takeover,flywheel

 requests:
  - method: GET
    path:
      - "{{BaseURL}}"
+
+    matchers-condition: or
    matchers:
      - type: word
+        part: body
        words:
          - "We're sorry, you've landed on a page that is hosted by Flywheel"
          - "<h1>Oops! That's not the site<br>you're looking&nbsp;for.</h1>"
        condition: and
+
+      - type: word
+        part: body
+        words:
+          - "We are sorry, you've landed on a page that is hosted by Flywheel"