Rename dns/lemlist-takeover.yaml to http/takeovers/lemlist-takeover.yaml

2023-08-25 14:15:41 +05:30 · 2023-08-25 14:15:41 +05:30 · 79205d43df
parent 3d091e04be
commit 79205d43df
1 changed files with 0 additions and 29 deletions
--- a/dns/lemlist-takeover.yaml
+++ b/dns/lemlist-takeover.yaml
@ -1,29 +0,0 @@
-id: lemlist-takeover
-
-info:
-  name: Lemlist - Subdomain Takeover Detection
-  author: kresec
-  severity: high
-  description: |
-    The takeover will succeed when the target domain has a cname that points to the lemlist and in their account they only customize the domain in the tracking column so in the custom page column, as an attacker, they can enter the target domain.
-  reference:
-    - https://www.lemlist.com/blog/custom-tracking-domain
-    - https://kresec.medium.com/10k-site-affected-subdomain-takeover-via-lemlist-146cd0f11883
-  tags: dns,takeover,lemlist
-
-http:
-  - method: GET
-    path:
-      - "{{BaseURL}}"
-    
-    matchers-condition: and
-    matchers:
-      - type: dsl
-        dsl:
-          - Host != ip
-
-      - type: word
-        words:
-          - "Custom domain check"
-          - "app.lemlist.com"
-        condition: and