daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #10256 from kazet/evil.com-example.com 

Using different URL as we don't know who evil.com is controlled by
patch-5
Prince Chaddha 2024-07-14 13:44:18 +05:30 committed by GitHub
parent 95d81675a3 31d5e16128
commit e8d81a29a2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 98 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
dast/vulnerabilities/redirect/open-redirect.yaml
View File

@ -16,7 +16,7 @@ http:
payloads: payloads:
redirect: redirect:
- "evil.com" - "oast.me"
fuzzing: fuzzing:
- part: query - part: query
@ -174,7 +174,7 @@ http:
- type: regex - type: regex
part: header part: header
regex: regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/idfD2e/1 - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/idfD2e/1
- type: status - type: status
status: status:

188
http/vulnerabilities/generic/open-redirect-generic.yaml
View File

@ -20,99 +20,99 @@ http:
payloads: payloads:
redirect: redirect:
- '%0a/evil.com/' - '%0a/oast.me/'
- '%0d/evil.com/' - '%0d/oast.me/'
- '%00/evil.com/' - '%00/oast.me/'
- '%09/evil.com/' - '%09/oast.me/'
- '%5C%5Cevil.com/%252e%252e%252f' - '%5C%5Coast.me/%252e%252e%252f'
- '%5Cevil.com' - '%5Coast.me'
- '%5cevil.com/%2f%2e%2e' - '%5coast.me/%2f%2e%2e'
- '%5c{{RootURL}}evil.com/%2f%2e%2e' - '%5c{{RootURL}}oast.me/%2f%2e%2e'
- '../evil.com' - '../oast.me'
- '.evil.com' - '.oast.me'
- '/%5cevil.com' - '/%5coast.me'
- '////\;@evil.com' - '////\;@oast.me'
- '////evil.com' - '////oast.me'
- '///evil.com' - '///oast.me'
- '///evil.com/%2f%2e%2e' - '///oast.me/%2f%2e%2e'
- '///evil.com@//' - '///oast.me@//'
- '///{{RootURL}}evil.com/%2f%2e%2e' - '///{{RootURL}}oast.me/%2f%2e%2e'
- '//;@evil.com' - '//;@oast.me'
- '//\/evil.com/' - '//\/oast.me/'
- '//\@evil.com' - '//\@oast.me'
- '//\evil.com' - '//\oast.me'
- '//\tevil.com/' - '//\toast.me/'
- '//evil.com/%2F..' - '//oast.me/%2F..'
- '//evil.com//' - '//oast.me//'
- '//%69%6e%74%65%72%61%63%74%2e%73%68' - '//%6f%61%73%74%2e%6d%65'
- '//evil.com@//' - '//oast.me@//'
- '//evil.com\tevil.com/' - '//oast.me\toast.me/'
- '//https://evil.com//' - '//https://oast.me//'
- '/<>//evil.com' - '/<>//oast.me'
- '/\/\/evil.com/' - '/\/\/oast.me/'
- '/\/evil.com' - '/\/oast.me'
- '/\evil.com' - '/\oast.me'
- '/evil.com' - '/oast.me'
- '/evil.com/%2F..' - '/oast.me/%2F..'
- '/evil.com/' - '/oast.me/'
- '/evil.com/..;/css' - '/oast.me/..;/css'
- '/https:evil.com' - '/https:oast.me'
- '/{{RootURL}}evil.com/' - '/{{RootURL}}oast.me/'
- '/〱evil.com' - '/〱oast.me'
- '/〵evil.com' - '/〵oast.me'
- '/ゝevil.com' - '/ゝoast.me'
- '/ーevil.com' - '/ーoast.me'
- '/ーevil.com' - '/ーoast.me'
- '<>//evil.com' - '<>//oast.me'
- '@evil.com' - '@oast.me'
- '@https://evil.com' - '@https://oast.me'
- '\/\/evil.com/' - '\/\/oast.me/'
- 'evil%E3%80%82com' - 'oast%E3%80%82me'
- 'evil.com' - 'oast.me'
- 'evil.com/' - 'oast.me/'
- 'evil.com//' - 'oast.me//'
- 'evil.com;@' - 'oast.me;@'
- 'https%3a%2f%2fevil.com%2f' - 'https%3a%2f%2foast.me%2f'
- 'https:%0a%0devil.com' - 'https:%0a%0doast.me'
- 'https://%0a%0devil.com' - 'https://%0a%0doast.me'
- 'https://%09/evil.com' - 'https://%09/oast.me'
- 'https://%2f%2f.evil.com/' - 'https://%2f%2f.oast.me/'
- 'https://%3F.evil.com/' - 'https://%3F.oast.me/'
- 'https://%5c%5c.evil.com/' - 'https://%5c%5c.oast.me/'
- 'https://%5cevil.com@' - 'https://%5coast.me@'
- 'https://%23.evil.com/' - 'https://%23.oast.me/'
- 'https://.evil.com' - 'https://.oast.me'
- 'https://////evil.com' - 'https://////oast.me'
- 'https:///evil.com' - 'https:///oast.me'
- 'https:///evil.com/%2e%2e' - 'https:///oast.me/%2e%2e'
- 'https:///evil.com/%2f%2e%2e' - 'https:///oast.me/%2f%2e%2e'
- 'https:///evil.com@evil.com/%2e%2e' - 'https:///oast.me@oast.me/%2e%2e'
- 'https:///evil.com@evil.com/%2f%2e%2e' - 'https:///oast.me@oast.me/%2f%2e%2e'
- 'https://:80#@evil.com/' - 'https://:80#@oast.me/'
- 'https://:80?@evil.com/' - 'https://:80?@oast.me/'
- 'https://:@\@evil.com' - 'https://:@\@oast.me'
- 'https://:@evil.com\@evil.com' - 'https://:@oast.me\@oast.me'
- 'https://;@evil.com' - 'https://;@oast.me'
- 'https://\tevil.com/' - 'https://\toast.me/'
- 'https://evil.com/evil.com' - 'https://oast.me/oast.me'
- 'https://evil.com/https://evil.com/' - 'https://oast.me/https://oast.me/'
- 'https://www.\.evil.com' - 'https://www.\.oast.me'
- 'https:/\/\evil.com' - 'https:/\/\oast.me'
- 'https:/\evil.com' - 'https:/\oast.me'
- 'https:/evil.com' - 'https:/oast.me'
- 'https:evil.com' - 'https:oast.me'
- '{{RootURL}}evil.com' - '{{RootURL}}oast.me'
- '〱evil.com' - '〱oast.me'
- '〵evil.com' - '〵oast.me'
- 'ゝevil.com' - 'ゝoast.me'
- 'ーevil.com' - 'ーoast.me'
- 'ーevil.com' - 'ーoast.me'
- 'redirect/evil.com' - 'redirect/oast.me'
- 'cgi-bin/redirect.cgi?evil.com' - 'cgi-bin/redirect.cgi?oast.me'
- 'out?evil.com' - 'out?oast.me'
- 'login?to=http://evil.com' - 'login?to=http://oast.me'
- '1/_https@evil.com' - '1/_https@oast.me'
- 'redirect?targeturl=https://evil.com' - 'redirect?targeturl=https://oast.me'
stop-at-first-match: true stop-at-first-match: true
@ -121,7 +121,7 @@ http:
- type: regex - type: regex
part: header part: header
regex: regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 - '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)oast\.me\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- type: status - type: status
status: status: