projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.
https://github.com/projectdiscovery/nuclei
MIT License

Update GitHub Pages Takeover Detection Templates to Reflect New GitHub Policy #10514

Open adityaax opened 1 month ago

adityaax commented 1 month ago

Nuclei version: v3.3.0

Nuclei command: nuclei -l subDomains -t ~/nuclei-templates/http/takeovers -rl 40

Current Behavior: Nuclei currently indicates that a domain is vulnerable to GitHub Pages takeover.

Expected Behavior: However, after researching GitHub's updated policy, I found that the domain cannot be taken over due to the new requirement for domain verification through DNS TXT records.

Steps To Reproduce:

  1. Run nuclei (subDomains contains a list of subdomains): nuclei -l subDomains -t ~/nuclei-templates/http/takeovers -rl 40
  2. See the output: [github-takeover] [http] [high] https://giant.particle.io
  3. Go to https://github.com/EdOverflow/can-i-take-over-xyz and this will show 'edge case' for subdomain takeover through GitHub Pages.
  4. Go to GitHub > Create a public repository > Go to Pages > Go to GitHub Actions > Add custom domain > Paste the domain you got from the nuclei result
  5. See the error: You must verify your domain giant.particle.io before being able to use it. Check out https://docs.github.com/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages for more information.
  6. Review the document in the reference section.

Anything else: https://docs.github.com/en/pages/configuring-a-custom-domain-for-your-github-pages-site/verifying-your-custom-domain-for-github-pages

princechaddha commented 3 weeks ago

Hello, the response time for this issue was longer than usual because the team was traveling for DEFCON. The team will respond to this issue shortly. Thank you for your contribution.