Reduce Fly.io false positives in subdomain takeover

screetsec / Sudomy

Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting

https://github.com/Screetsec/

MIT License

2k stars 379 forks source link

Reduce Fly.io false positives in subdomain takeover #38

Closed darshkpatel closed 4 years ago

darshkpatel commented 4 years ago

The check for Fly.io subdomain takeover is simply checking for "404 Not Found" , which is a really common string, and thus has a lot of false positives.

screetsec commented 4 years ago

Thank's for suggestion, any referenece ?

For method followed in this source : https://github.com/EdOverflow/can-i-take-over-xyz

darshkpatel commented 4 years ago

Couldn't find any references, but I can setup an experiment to find some other string

subhash0x commented 4 years ago

is there any way to confirm Fly.io subdomain takeover?

screetsec commented 4 years ago

Nicee ! @darshkpatel

darshkpatel commented 4 years ago

Fly.io Subdomain takeover seems to be fixed since they added a verification before adding custom domains. #132 on can-i-take-over-xyz

PR: #44