mkrs2404 / tickets

OOB Request Based Interaction (request-based-interaction:dns) found on honey.scanme.sh #61

Closed mkrs2404 closed 1 month ago

mkrs2404 commented 4 months ago

Details: request-based-interaction:dns matched at honey.scanme.sh

Protocol: HTTP

Full URL: https://honey.scanme.sh/

Timestamp: Tue Apr 30 19:29:00 +0530 IST 2024

Template Information

| Key | Value |
| --- | --- |
| Name | OOB Request Based Interaction |
| Authors | pdteam |
| Tags | oast, ssrf, generic |
| Severity | info |
| Description | The remote server fetched a spoofed DNS Name from the request. |

Request

GET / HTTP/1.1
Host: coofgv4mjeun8ktjo61gzu73n6gcitnyt.oast.me
Cache-Control: no-transform
Accept: */*

Response

HTTP/1.1 200 OK
Content-Length: 109
Content-Type: text/html
Date: Tue, 30 Apr 2024 13:58:55 GMT

GET / HTTP/1.1
Host: coofgv4mjeun8ktjo61gzu73n6gcitnyt.oast.me
Accept: */*
Cache-Control: no-transform

Interaction Data

dns (AAAA) Interaction from 172.253.10.3 at coofgv4mjeun8ktjo61gzu73n6gcitnyt

Interaction Request

;; opcode: QUERY, status: NOERROR, id: 25847
;; flags: cd; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;coOFgV4MJEuN8KTJo61gZu73n6GCITnyt.oast.ME. IN   AAAA

Interaction Response

;; opcode: QUERY, status: NOERROR, id: 25847
;; flags: qr aa cd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;coOFgV4MJEuN8KTJo61gZu73n6GCITnyt.oast.ME. IN   AAAA

;; ANSWER SECTION:
coOFgV4MJEuN8KTJo61gZu73n6GCITnyt.oast.ME.  3600    IN  A   178.128.209.14

;; AUTHORITY SECTION:
coOFgV4MJEuN8KTJo61gZu73n6GCITnyt.oast.ME.  3600    IN  NS  ns1.oast.me.
coOFgV4MJEuN8KTJo61gZu73n6GCITnyt.oast.ME.  3600    IN  NS  ns2.oast.me.

;; ADDITIONAL SECTION:
ns1.oast.me.    3600    IN  A   178.128.209.14
ns2.oast.me.    3600    IN  A   178.128.209.14


Generated by Nuclei v3.2.5