redirect-pizza-takeover: Redirect.pizza Subdomain Takeover Detection

日期: 2025-08-01 | 影响软件: redirect-pizza | POC: 已公开

漏洞描述

Redirect.pizza subdomain takeover was detected.

PoC代码[已公开]

id: redirect-pizza-takeover
info:
  name: Redirect.pizza Subdomain Takeover Detection
  author: Ranjan Kumar
  severity: high
  description: |
    Redirect.pizza subdomain takeover was detected.
  reference:
    - https://redirect.pizza/docs
  metadata:
    max-request: 1
    shodan-query: html:"redirect.pizza"
    fofa-query: body="redirect.pizza"
  tags: takeover,redirect-pizza,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - Host != ip
          - contains_all(body, "Unable to redirect","redirect.pizza")
          - contains(content_type, "text/html")
        condition: and

    extractors:
      - type: dsl
        dsl:
          - cname
# digest: 4a0a00473045022100eed61c9272ef0d6853d84b4599bf88e4d7d6cdf007944162f5d5201d6286330602205622b6b05220866b1c1fd02e0e357019541e9d52bc388fbd9a28ec814e90fb3c:922c64590222798bb761d5b6d8e72950
来源: https://github.com/projectdiscovery/nuclei-templates/blob/main/http/takeovers/redirect-pizza-takeover.yaml

相关漏洞推荐