diff --git a/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm b/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm index f377321..2a353b1 100644 --- a/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm +++ b/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm @@ -15,13 +15,16 @@ package Spellbook::Exploit::S3_Bucket_Takeover { if ($target) { if ($target !~ /^http(s)?:\/\//x) { - $target = "https://$target"; + $target = "http://$target"; } my $userAgent = Spellbook::Core::UserAgent -> new(); my $request = $userAgent -> get($target); - if ($request -> code() == 404 && $request-> content() =~ m/Code: NoSuchBucket/x) { + if ( + ($request -> code() == 404) && + (($request-> content() =~ m/Code: NoSuchBucket/x) || ($request-> content() =~ m/NoSuchBucket<\/Code>/x)) + ) { push @result, $target; }