nuclei-templates/takeovers/subdomain-takeover.yaml

397 lines
9.7 KiB
YAML
Raw Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

id: detect-all-takeovers
info:
name: Subdomain Takeover Detection
author: "melbadry9 & pxmme1337 & geeknik"
severity: high
# Update this list with new takeovers matchers
# Do not delete other template files for takeover
# https://github.com/EdOverflow/can-i-take-over-xyz
# You need to claim the subdomain / CNAME of the subdomain to confirm the takeover.
# Do not report subdomain takeover issues only based on detection.
# Total number of services #72
requests:
- method: GET
path:
- "{{BaseURL}}"
matchers-condition: or
matchers:
- type: word
name: acquia
words:
- If you are an Acquia Cloud customer and expect to see your site at this address
- The site you are looking for could not be found.
- type: word
name: agilecrm
words:
- Sorry, this page is no longer available.
- type: word
name: airee
words:
- Ошибка 402. Сервис Айри.рф не оплачен
- type: word
name: aftership
words:
- Oops.</h2><p class="text-muted text-tight">The page you're looking for doesn't
exist.
- type: word
name: aha
words:
- There is no portal here ... sending you back to Aha!
- type: word
name: anima
words:
- "If this is your website and you've just created it, try refreshing in a minute"
- type: word
name: aws-bucket
words:
- "The specified bucket does not exist"
- type: word
name: bigcartel
words:
- "<h1>Oops! We couldn&#8217;t find that page.</h1>"
- type: word
name: bitbucket
words:
- The page you have requested does not exist
- Repository not found
- type: word
name: brightcove
words:
- '<p class="bc-gallery-error-code">Error Code: 404</p>'
- type: word
name: campaignmonitor
words:
- "<strong>Trying to access your account?</strong>"
- or <a href="mailto:help@createsend.com
- type: word
name: canny
words:
- Company Not Found
- There is no such company. Did you enter the right URL?
- type: word
name: cargo
words:
- If you're moving your domain away from Cargo you must make this configuration
through your registrar's DNS control panel.
- type: word
name: cargocollective
words:
- <div class="notfound">
- 404 Not Found<br>
- type: word
name: fastly
words:
- "Fastly error: unknown domain:"
- type: word
name: feedpress
words:
- The feed has not been found.
- type: word
name: frontify
words:
- 404 - Page Not Found
- Oops… looks like you got lost
condition: and
part: body
- type: word
name: gemfury
words:
- "404: This page could not be found."
- type: word
name: getresponse
words:
- With GetResponse Landing Pages, lead generation has never been easier
- type: word
name: ghost
words:
- The thing you were looking for is no longer here
- The thing you were looking for is no longer here, or never was
- type: word
name: github
words:
- There isn't a GitHub Pages site here.
- For root URLs (like http://example.com/) you must provide an index.html file
- type: word
name: hatenablog
words:
- 404 Blog is not found
- Sorry, we can't find the page you're looking for.
- type: word
name: helpjuice
words:
- We could not find what you're looking for.
- type: word
name: helprace
words:
- Alias not configured!
- Admin of this Helprace account needs to set up domain alias
- "(see Step 2 here: Using your own domain with Helprace)."
- type: word
name: helpscout
words:
- "No settings were found for this company:"
- type: word
name: heroku
words:
- There's nothing here, yet.
- herokucdn.com/error-pages/no-such-app.html
- "<title>No such app</title>"
- type: word
name: hubspot
words:
- Domain not found
- does not exist in our system
- type: word
name: intercom
words:
- This page is reserved for artistic dogs.
- <h1 class="headline">Uh oh. That page doesnt exist.</h1>
- type: word
name: jazzhr
words:
- This account no longer active
- type: word
name: jetbrains
words:
- is not a registered InCloud YouTrack.
- type: word
name: kinsta
words:
- No Site For Domain
- type: word
name: landingi
words:
- It looks like you're lost
- The page you are looking for is not found
- type: word
name: launchrock
words:
- It looks like you may have taken a wrong turn somewhere. Don't worry...it happens
to all of us.
- type: word
name: mashery
words:
- Unrecognized domain <strong>
- type: word
name: ngrok
words:
- ngrok.io not found
- Tunnel *.ngrok.io not found
- type: word
name: pantheon.io
words:
- "The gods are wise, but do not know of the site which you seek."
- type: word
name: pingdom
words:
- Public Report Not Activated
- This public report page has not been activated by the user
- type: word
name: proposify
words:
- If you need immediate assistance, please contact <a href="mailto:support@proposify.biz
- type: word
name: readme
words:
- Project doesnt exist... yet!
- type: word
name: shopify
words:
- "Sorry, this shop is currently unavailable."
- type: word
name: simplebooklet
words:
- We can't find this <a href="https://simplebooklet.com
- type: word
name: smartjob
words:
- Job Board Is Unavailable
- This job board website is either expired
- This job board website is either expired or its domain name is invalid.
- type: word
name: smartling
words:
- Domain is not configured
- type: word
name: smugmug
words:
- '{"text":"Page Not Found"'
- type: word
name: strikingly
words:
- But if you're looking to build your own website
- you've come to the right place.
- type: word
name: surge
words:
- project not found
- type: word
name: surveygizmo
words:
- data-html-name
- type: word
name: tave
words:
- "<h1>Error 404: Page Not Found</h1>"
- type: word
name: teamwork
words:
- Oops - We didn't find your site.
- type: word
name: tictail
words:
- Building a brand of your own?
- 'to target URL: <a href="https://tictail.com'
- Start selling on Tictail.
- type: word
name: tilda
words:
- Domain has been assigned
- type: word
name: tumblr
words:
- Whatever you were looking for doesn't currently exist at this address.
- There's nothing here.
- type: word
name: uberflip
words:
- "Non-hub domain, The URL you've accessed does not provide a hub."
- type: regex
name: unbounce
regex:
- "^The requested URL was not found on this server.$"
- type: regex
name: uptimerobot
regex:
- "^page not found$"
- type: word
name: uservoice
words:
- This UserVoice subdomain is currently available!
- type: word
name: vend
words:
- Looks like you've traveled too far into cyberspace.
- type: word
name: webflow
words:
- <p class="description">The page you are looking for doesn't exist or has been
moved.</p>
- type: word
name: wishpond
words:
- https://www.wishpond.com/404?campaign=true
- type: word
name: wordpress
words:
- Do you want to register
- type: regex
name: worksites
regex:
- "(?:Company Not Found|you&rsquo;re looking for doesn&rsquo;t exist)"
- type: word
name: wufoo
words:
- Profile not found
- Hmmm....something is not right.
- type: word
name: zendesk
words:
- this help center no longer exists
- type: word
name: readthedocs
words:
- unknown to Read the Docs
- type: word
name: tilda
words:
- <title>Please renew your subscription</title>
- Please go to the site settings and put the domain name in the Domain tab.
- type: word
name: smart-jobboard
words:
- This job board website is either expired or its domain name is invalid.
- type: word
name: netlify
words:
- "Not Found"
- "server: Netlify"
condition: and
part: all
- type: word
name: vercel
words:
- The deployment could not be found on Vercel.
- DEPLOYMENT_NOT_FOUND
condition: and