search

projectdiscovery / nuclei-templates

Community curated list of templates for the nuclei engine to find security vulnerabilities.
https://github.com/projectdiscovery/nuclei
MIT License
8.6k stars 2.45k forks source link

FlyWheel Subdomain Takeover Not Exploitable #8837

Closed UNC1739 closed 5 months ago

UNC1739 commented 6 months ago

There are some changes made by flywhweel so the subdomain takeover issue reported in nuclei-templates/http/takeovers/flywheel-takeover.yaml is likely no longer valid. Basically, they now have some more validation that verifies that your registered domain points to a specific IP address which negates exploitation in most (maybe even all scenarios) as far as I can tell. I haven't found an instance where this was exploitable now.

This is very different than what is indicated in this article so I think it was a recent change the last few years: https://smaranchand.com.np/2021/06/flywheel-subdomain-takeover/

DhiyaneshGeek commented 5 months ago

Hi @UNC1739 is it possible to share some reference of the recent changes in FlyWheel.

Looking forward to hear back from you

Thanks