Heroku-takeover.yaml

[ManasHarsh]

Handy for Heroku subdomain takeovers

[dwisiswant0]

Or if you don't mind, can you provide proof of the screenshot?

[dwisiswant0]

Hi, but here you use words type instead of regex.

[dwisiswant0]

Refer to EdOverflow/can-i-take-over-xyz#38, it is part of the iframe HTML tag, which means it won't match if it doesn't use the redirects key.
See this part https://github.com/projectdiscovery/nuclei-templates/blob/master/GUIDE.md#redirects.

[ManasHarsh]

Yeah I will edit it...Let me do it again

…

On Mon, 6 Jul, 2020, 6:12 PM Dwi Siswanto, ***@***.***> wrote: ***@***.**** commented on this pull request. Or if you don't mind, can you provide proof of the screenshot? ------------------------------ In subdomain-takeover/Heroku-takeover.yaml <#201 (comment)> : > + severity: high + +requests: + - method: GET + path: + - '{{BaseURL}}/' + redirects: false + matchers-condition: and + matchers: + - type: status + status: + - 307 + - type: word + words: + - There's nothing here, yet. + - 'Location: https://*.herokudns.com/ Hi, but here you use words type instead of regex. ------------------------------ In subdomain-takeover/Heroku-takeover.yaml <#201 (comment)> : > + author: Manas_Harsh + severity: high + +requests: + - method: GET + path: + - '{{BaseURL}}/' + redirects: false + matchers-condition: and + matchers: + - type: status + status: + - 307 + - type: word + words: + - There's nothing here, yet. Refer to EdOverflow/can-i-take-over-xyz#38 <EdOverflow/can-i-take-over-xyz#38>, it is part of the iframe HTML tag, which means it won't match if it doesn't use the redirects key. See this part https://github.com/projectdiscovery/nuclei-templates/blob/master/GUIDE.md#redirects . — You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub <#201 (review)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AH7Q6TSFX4UN3LF5D5LX2V3R2HBCXANCNFSM4ORRZNJQ> .

[ehsandeep]

Hi @manasjha7,

This is a duplicate as well, please check this

nuclei-templates/subdomain-takeover/detect-all-takeovers.yaml

Line 84 in 1009f27

name: heroku

@dwisiswant0 thank you for the review.

[dwisiswant0]

Hi @manasjha7,

This is a duplicate as well, please check this

nuclei-templates/subdomain-takeover/detect-all-takeovers.yaml

Line 84 in 1009f27

name: heroku

@dwisiswant0 thank you for the review.

It's dup too, should be taking out?
subdomain-takeover/pantheon.io.yaml

[ManasHarsh]

Oh I see...Didn't notice

…

On Mon, 6 Jul, 2020, 7:50 PM Dwi Siswanto, ***@***.***> wrote: Hi @manasjha7 <https://github.com/manasjha7>, This is a duplicate as well, please check this https://github.com/projectdiscovery/nuclei-templates/blob/1009f2762dfcda9b264e6a6ab1ff9d9200b8515e/subdomain-takeover/detect-all-takeovers.yaml#L84 @dwisiswant0 <https://github.com/dwisiswant0> thank you for the review. It's dup too, should be taking out? subdomain-takeover/pantheon.io.yaml <https://github.com/projectdiscovery/nuclei-templates/blob/master/subdomain-takeover/pantheon.io.yaml> — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#201 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AH7Q6TVA5IXWGAQKGF7IQETR2HMTFANCNFSM4ORRZNJQ> .

[Sy3Omda]

is heroku still vulnerable to subdomain takeover ?

[NagliNagli]

Can we remove Heroku? as it's not vulnerable anymore.