Subdomain Takeover via smugmug #60

Open
m7mdharoun opened this issue Oct 20, 2018 · 3 comments

@m7mdharoun

Smugmug

Proof To Takeover

  1. Create your custom subdomain on SmugMug, for example: your-custom.smugmug.com
  2. Go to https://your-custom.smugmug.com/settings?nick=your-custom
  3. Scroll down and add the vulnerable domain

Note: The CNAME of the vulnerable subdomain must be SmugMug's CNAME (domains.smugmug.com)

@bluedangerforyou

I see a lot of cloudfront net, so the CNAME answer must be domains.smugmug.com to be vulnerable, correct?

@m7mdharoun
Author

Yes, that's right, the CNAME must be domains.smugmug.com. There are also premium domains from SmugMug whose CNAME is your-custom.smugmug.net, and these you can't take over! Only the CNAME domains.smugmug.com is possible to take over, if your account on SmugMug has expired.

@bluedangerforyou

Thank you.
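
For zone owners, the CNAME distinction drawn in this thread can be turned into an inventory check. The following is an added example, not part of the issue or of any participant's comment: it parses a BIND-style zone export and sorts each CNAME record into the shared target (`domains.smugmug.com`), the premium `*.smugmug.net` form the author describes as not affected, or anything else. The zone contents, the `example.test` origin and the function names are constructed for illustration.

```python
# Added example: audit a DNS zone export for CNAMEs that point at SmugMug.
# The zone below is constructed sample data, not real records.
import re

SAMPLE_ZONE = """\
$ORIGIN example.test.
photos   IN CNAME domains.smugmug.com.
gallery  300 IN CNAME Domains.SmugMug.com.   ; mixed case, explicit TTL
pro      IN CNAME your-custom.smugmug.net.
cdn      IN CNAME d111111abcdef8.cloudfront.net.
www      IN A 192.0.2.10
"""

SHARED_TARGET = "domains.smugmug.com"  # the CNAME named in the thread


def normalize(name, origin):
    """Lower-case a DNS name, qualify relative names, drop the trailing dot."""
    name = name.lower()
    if name == "@":
        name = origin
    elif not name.endswith("."):
        name = f"{name}.{origin}"
    return name.rstrip(".")


def audit_zone(zone_text):
    """Return {owner: (target, verdict)} for every CNAME record in the zone."""
    origin, findings = "", {}
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop comments
        if line.upper().startswith("$ORIGIN"):
            origin = line.split()[1].lower()
            continue
        m = re.match(r"(\S+)\s+(?:\d+\s+)?(?:IN\s+)?CNAME\s+(\S+)$", line, re.I)
        if not m:
            continue
        target = normalize(m.group(2), origin)
        if target == SHARED_TARGET:
            verdict = "review"      # shared CNAME: confirm the account still claims it
        elif target.endswith(".smugmug.net"):
            verdict = "premium"     # per the thread, not affected
        else:
            verdict = "other"       # e.g. cloudfront.net
        findings[normalize(m.group(1), origin)] = (target, verdict)
    return findings


for owner, (target, verdict) in audit_zone(SAMPLE_ZONE).items():
    print(f"{owner:22} -> {target:34} {verdict}")
```

Records marked `review` are the ones to reconcile against the SmugMug account's custom-domain settings, and to delete from the zone if the account has lapsed.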
