Skip to content

Commit

Permalink
add a new pattern to detect more cases
Browse files Browse the repository at this point in the history
  • Loading branch information
htrgouvea committed Oct 24, 2024
1 parent e72e36d commit a4a96ff
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions lib/Spellbook/Exploit/S3_Bucket_Takeover.pm
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,16 @@ package Spellbook::Exploit::S3_Bucket_Takeover {

if ($target) {
if ($target !~ /^http(s)?:\/\//x) {
$target = "https://$target";
$target = "http://$target";
}

my $userAgent = Spellbook::Core::UserAgent -> new();
my $request = $userAgent -> get($target);

if ($request -> code() == 404 && $request-> content() =~ m/Code: NoSuchBucket/x) {
if (
($request -> code() == 404) &&
(($request-> content() =~ m/Code: NoSuchBucket/x) || ($request-> content() =~ m/<Code>NoSuchBucket<\/Code>/x))
) {
push @result, $target;
}

Expand Down

0 comments on commit a4a96ff

Please sign in to comment.