diff --git a/http/takeovers/uptime-takeover.yaml b/http/takeovers/uptime-takeover.yaml new file mode 100644 index 0000000000..c171636099 --- /dev/null +++ b/http/takeovers/uptime-takeover.yaml @@ -0,0 +1,31 @@ +id: uptime-takeover + +info: + name: Uptime Takeover Detection + author: philippedelteil + severity: high + reference: + - https://github.com/EdOverflow/can-i-take-over-xyz/issues/368 + metadata: + max-request: 1 + tags: takeover,uptime + +http: + - method: GET + path: + - "{{BaseURL}}" + + matchers-condition: and + matchers: + - type: dsl + dsl: + - Host != ip + + - type: word + part: body + words: + - 'You are being redirected.' + + - type: status + status: + - 302