daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update elasticbeantalk-takeover-detection.yaml

patch-1
Prince Chaddha 2021-09-14 16:59:42 +05:30 committed by GitHub
parent d38052f05a
commit 81fbbf0280
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
dns/elasticbeantalk-takeover-detection.yaml
View File

@ -14,10 +14,10 @@ info:
# Do not report this without claiming the CNAME.
#
# CLI command to verify the availability of the environment:
# aws elasticbeanstalk check-dns-availability --region {AWS_REGION} --cname-prefix {CNAME_PREFIX}
# aws elasticbeanstalk check-dns-availability --region {AWS_REGION} --cname-prefix {CNAME_PREFIX}
# Example:
# CNAME - 2rs3c.eu-west-1.elasticbeanstalk.com
# Command - aws elasticbeanstalk check-dns-availability --region eu-west-1 --cname-prefix 2rs3c
# Command - aws elasticbeanstalk check-dns-availability --region eu-west-1 --cname-prefix 2rs3c
dns:
- name: "{{FQDN}}"
@ -25,17 +25,21 @@ dns:
class: inet
recursion: true
retries: 3
matchers-condition: and
matchers:
- type: regex
name: elasticbeanstalk
regex:
# Only CNAMEs with region specification are hijackable.
- \.(us|af|ap|ca|eu|me|sa)\-(east|west|south|northeast|southeast|central)\-[1-9]+\.elasticbeanstalk\.com
condition: or
- type: word
words:
- "NXDOMAIN"
extractors:
- type: regex
group: 1