Subdomain Takeover via service

27 sec read

Program : Souq

Vulnerability : Subdomain Takeover

Impact : High was vulnerable to subdomain takeover via Service

When I visit it was shown me an error ( finger print )

So I started to see the cname was has a cname

So I go directly to the service provider and they was allowed me to take the cname not allowed me to connect it directly seems there was a Bug !

After 1 day I notice that subdomain has been connected to the cname in some paths example : /app/share/

Funny thing there are someone apply to fake Security Job ! 😀

Time line 
2019-02-04: Bug reported
2019-01-05: Fixed with no comments 
2019-01-06: Closed as Informative ! 

How I Found and Reporting Vulnerabilities to by…

ABSTRACT is a Singaporean Bug Bounty Platform site. After seeing this platform well known, I decided to create an account there. After successfully...
2 min read

Leave a Reply

Your email address will not be published. Required fields are marked *