From a4a96ff0ef7026da86baafa27ab9315ec357cab2 Mon Sep 17 00:00:00 2001 From: htrgouvea Date: Thu, 24 Oct 2024 20:45:30 +0100 Subject: [PATCH] add a new pattern to detect more cases --- lib/Spellbook/Exploit/S3_Bucket_Takeover.pm | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm b/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm index f377321..2a353b1 100644 --- a/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm +++ b/lib/Spellbook/Exploit/S3_Bucket_Takeover.pm @@ -15,13 +15,16 @@ package Spellbook::Exploit::S3_Bucket_Takeover { if ($target) { if ($target !~ /^http(s)?:\/\//x) { - $target = "https://$target"; + $target = "http://$target"; } my $userAgent = Spellbook::Core::UserAgent -> new(); my $request = $userAgent -> get($target); - if ($request -> code() == 404 && $request-> content() =~ m/Code: NoSuchBucket/x) { + if ( + ($request -> code() == 404) && + (($request-> content() =~ m/Code: NoSuchBucket/x) || ($request-> content() =~ m/NoSuchBucket<\/Code>/x)) + ) { push @result, $target; }