projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.
https://github.com/projectdiscovery/nuclei
MIT License

Github Pages Subdomain Takeover No Longer Detected #10552

Closed syntacticNaCl closed 3 months ago

syntacticNaCl commented 3 months ago

Nuclei Version:

3.3.0

Template file:

/http/takeovers/github-takeover.yaml

Command to reproduce:

nuclei -u <domain-to-test> -id github-takeover

It appears that the "word" matchers are no longer valid since the 404 page has been changed by GitHub. Previously it was looking for:

      - type: word
        words:
          - "There isn't a GitHub Pages site here."
          - "For root URLs (like http://example.com/) you must provide an index.html file"
        condition: or

but that no longer matches. We should update the matchers so that it can begin detecting takeovers again.
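The failure mode reported above, as an added example that is not part of the original issue or the nuclei project's code: a simplified model of a word matcher with `condition: or`, run against labelled fixture responses so that a known-positive page that stops matching is reported as drift. The fixture bodies are constructed, the changed 404 text is a placeholder rather than GitHub's real page, and `word_matcher` and `drift_report` are hypothetical names.

```python
# Simplified model of a "word" matcher, for regression-testing a template's
# strings against saved responses. Not nuclei's implementation.

def word_matcher(body, words, condition="or", case_insensitive=False):
    """Return True if the body satisfies the word list under the condition."""
    if condition not in ("or", "and"):
        raise ValueError("condition must be 'or' or 'and'")
    if case_insensitive:
        # Assumption: matching is case-sensitive unless explicitly relaxed.
        body = body.lower()
        words = [w.lower() for w in words]
    hits = [w in body for w in words]
    return any(hits) if condition == "or" else all(hits)


# The two strings quoted in the issue.
GITHUB_WORDS = [
    "There isn't a GitHub Pages site here.",
    "For root URLs (like http://example.com/) you must provide an index.html file",
]

# Constructed fixtures: name -> (should the template fire?, response body).
FIXTURES = {
    "old_404": (True, "<h1>404</h1><p>There isn't a GitHub Pages site here.</p>"),
    # Placeholder body standing in for a reworded 404 page.
    "changed_404": (True, "<h1>404</h1><p>PLACEHOLDER reworded not-found text</p>"),
    "claimed_site": (False, "<h1>Project docs</h1><p>Welcome.</p>"),
}


def drift_report(fixtures, words, condition="or"):
    """Names of fixtures whose matcher result disagrees with the expected label."""
    return sorted(
        name
        for name, (expected, body) in fixtures.items()
        if word_matcher(body, words, condition) != expected
    )


if __name__ == "__main__":
    for name in drift_report(FIXTURES, GITHUB_WORDS):
        # A known-positive fixture that no longer matches means the template
        # silently stopped detecting, which is the situation in this issue.
        print("matcher drift:", name)
```

Refreshing the known-positive fixture from a page you control on a schedule turns a silent false negative like this one into a failing check.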

princechaddha commented 3 months ago

Hello, the response time for this issue was longer than usual because the team was traveling for DEFCON. The team will respond to this issue shortly. Thank you for your contribution.

syntacticNaCl commented 3 months ago

No worries at all @princechaddha! This has been resolved by https://github.com/projectdiscovery/nuclei-templates/pull/10553