Comments (74)
Hi, during a bug bounty activity I have found a subdomain vulnerable to takeover, the dig command returns this information:
sub.example.com CNAME [bucket_name].s3.amazonaws.com
and then:
[bucket_name].s3.amazonaws.com CNAME s3-1-w.amazonaws.com
I haven't the region information from dig
command.
Also if I visit the page, I get an XML error. Below is the screenshot:
The subdomain would seem vulnerable to takeover, but when I go to create the bucket from my AWS console, I get the following error:
Bucket name already exists
Anyone can help me?
Thank You!
from can-i-take-over-xyz.
Hello everyone,
I can confirm this takeover is still possible, adding some details:
- If you get an error as 'the bucket .... already exists' --> it's not vulnerable.
- A CNAME pointing to a AWS domain name is not necessary. I took a bucket that was pointing to several IP addresses. The relevant part is the response fingerprint.
- The error with
Code: IncorrectEndpoint
can be fixed removing and creating the bucket in another region. It takes around 1 hour for the bucket to be removed, before that you won't be able to create it. Use AWS Cli to automate this part. - If you are getting
Access denied
errors, check this guide
from can-i-take-over-xyz.
@soynek You're going to need to dig into the documentation for this one, we've had to draw the line at this repository being treated like a support desk. This is here to outline the work people have contributed back, and to outline vulnerable areas, but if you have a specific subdomain takeover question then the documentation for that service is where you should be looking.
from can-i-take-over-xyz.
Hi @soareswallace
I discovered a subdomain whose CNAME is point to *.elb.amazonaws.com.
How can I takeover this subdomain? Is the process same as creating a s3 bucket?
Not really, usually before the elb there's a random number.
from can-i-take-over-xyz.
I believe when we get this message @Mik317 , the take over is not possible. This message show that the bucket does exist and has an owner.
Stay safe,
Wallace
from can-i-take-over-xyz.
@six2dez please refer to this issue #361 I have faced similar kind of scenario hope it will be useful
from can-i-take-over-xyz.
I've come across a sub-domain which confirms the error message:
NoSuchBucket
The specified bucket does not exist
randombucket-assets
When use the dig command, the CNAME points to a random.cloudfront.net URL.
On trying to follow the above steps, getting below message while creating the S3 bucket with same name:
"Bucket name already exists"
I'm entering the full sub-domain name in the bucket name. Am I missing something to check?
Update: I've been able to find the S3 bucket URL: subdomain.s3.amazonaws.com
from can-i-take-over-xyz.
Hi @soareswallace :).
Thanks for the reply. I'll be lucky the next time ;)
Until that, stay safe and hack the world ;)
Regards,
Mik
from can-i-take-over-xyz.
So far, from what I could search about it, is not possibly to take over amazon's load balance.
from can-i-take-over-xyz.
And as @pdelteil replied above:
Not really, usually before the elb there's a random number.
from can-i-take-over-xyz.
Try ping to know region and in case of subdomain not necessary you usually see them clear when firewall being used
from can-i-take-over-xyz.
@Sim4n6 no i mean ping sub.site.com
from can-i-take-over-xyz.
@radiustama77 AWS has very granular permission controls. Opening sub.domain.com/ needs s3:ListBucket permission which you don't have. However, you do have permission to s3:GetObject so if you can guess the name of the file, you will be able to get it.
Based on the behavior you described, subdomain takeover is not possible. Also, it seems that bucket files are intended to be public based on 'index.html' filename implications. You may try brute-forcing for filenames and see if you get something sensitive (with gobuster for example).
from can-i-take-over-xyz.
Hi guys I found the following scenario:
-
subdomain.example.com returning
NoSuchBucket
-
dig cname subdomain.example.com
returns:
> dig cname subdomain.example.com
; <<>> DiG 9.18.12-0ubuntu0.22.04.3-Ubuntu <<>> cname subdomain.example.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43658
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;subdomain.example.com. IN CNAME
;; ANSWER SECTION:
subdomain.example.com. 3600 IN CNAME RANDOM_NAME_SEQUENCE.s3.amazonaws.com.
;; Query time: 31 msec
;; SERVER: 127.0.0.53#53(127.0.0.53) (UDP)
;; WHEN: Thu Nov 02 10:55:24 CET 2023
;; MSG SIZE rcvd: 131
-
Checked bucket region by
curl -sI RANDOM_NAME_SEQUENCE.s3.amazonaws.com | grep bucket-region
-
Claimed and created an S3 bucket with the name
RANDOM_NAME_SEQUENCE.s3.amazonaws.com
on the region from the previous step and uploaded a poc toRANDOM_NAME_SEQUENCE.s3.amazonaws.com/poc
, made it public, both the bucket and the poc file. -
Navigated to
https://RANDOM_NAME_SEQUENCE.s3.amazonaws.com/poc
and the file shows properly. -
subdomain.example.com/poc
still shows NoSuchBucket.
Also tried the to create the bucket as static website hosting. Does anyone found this scenario or know what's happening here?
from can-i-take-over-xyz.
Official documentation link: https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html
from can-i-take-over-xyz.
id 64053
opcode QUERY
rcode NOERROR
flags QR RD RA
;QUESTION
girishsarwal.me. IN CNAME
;ANSWER
;AUTHORITY
something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?
from can-i-take-over-xyz.
@codingo
I want to takeover a subdomain and i face that problem as in picture showing. Any solution for this?
from can-i-take-over-xyz.
Hi
I found a domain with CNAME *.cloudfront.net
When I access it from browser it returned empty. I tried to add it to bucket by steps above and was successfully added. But when I access it, it's still empty, I tried other subdomains from same domain but they say 'Bucket name already exist'.
Please explain me this
from can-i-take-over-xyz.
@yoursquad13 Because *.cloudfront.net is not a subdomain for S3
from can-i-take-over-xyz.
@webliqui
Any news on this issue? I am running into the same thing
from can-i-take-over-xyz.
Have you guys ran the AWS CLI like aws s3 ls <bucket_name>
? I think this command search in all regions for a bucket name.
from can-i-take-over-xyz.
@webliqui You found something?
I'm facing the same issue.
@codingo Do you have some solution for this?
from can-i-take-over-xyz.
same issue as @webliqui. @codingo?
from can-i-take-over-xyz.
I believe, as I mentioned above, this issue is related to the region. This bucket may not be created on the region that you are testing on. But if you use the AWS CLI (aws s3 ls <bucket_name>
) I believe you would find the bucket. I suggest you to test using the AWS CLI.
from can-i-take-over-xyz.
Hi @soareswallace :),
I got the same error and when I execute the command you suggested in the latest reply, I get this error: An error occurred (AllAccessDisabled) when calling the ListObjectsV2 operation: All access to this object has been disabled
... any tip to make possible the take over
?
Regards,
Mik
from can-i-take-over-xyz.
Hi @soareswallace
I discovered a subdomain whose CNAME is point to *.elb.amazonaws.com.
How can I takeover this subdomain? Is the process same as creating a s3 bucket?
from can-i-take-over-xyz.
Hi @FaizanNehal,
I tried once, but never found out how to do it. I also would like to know how we can takeover. Let us know if you discover anything.
Wallace
from can-i-take-over-xyz.
Anyone knows about amazon route 53???? Is it vulnerable?
from can-i-take-over-xyz.
I found a subdomain.domain.com that is vulnerable, and confirmed with dig that CNAME was for s3 bucket in Verginia
When I tried creating the bucket with the same name it worked but the endpoint for the bucket was like so:
^[a-z0-9\.\-]{0,63}\.?s3-website[\.-](eu|ap|us|ca|sa|cn)-\w{2,14}-\d{1,2}\.amazonaws.com(\.cn)?$
Which is mentioned in the documentation. OR
^[a-z0-9\.\-]{0,63}\.?s3.amazonaws\.com$/subdomain.domain.com/
Which is not.
my question is since it is not mentioned in the steps above how to make those regexes point to subdomain.domain.com?
from can-i-take-over-xyz.
is this service still vulnerable?
from can-i-take-over-xyz.
Hi,
I have found "The specified bucket does not exist" for few subdomains. But when I do a dig, the subdomains fail to give a CNAME record. So does it mean that they are not vulnerable. Or am I missing something here?
from can-i-take-over-xyz.
Hi @soareswallace
I discovered a subdomain whose CNAME is point to *.elb.amazonaws.com.
How can I takeover this subdomain? Is the process same as creating a s3 bucket?
did u find any info about it?
from can-i-take-over-xyz.
okey , thanks
from can-i-take-over-xyz.
id 64053
opcode QUERY
rcode NOERROR
flags QR RD RA
;QUESTION
girishsarwal.me. IN CNAME
;ANSWER
;AUTHORITY
something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
;ADDITIONALin s3 bucket, i'm facing this problem. What's solution for this ?
in this case i try to create bucket by deleteing at recreating it ofcourse it take time but work it.
from can-i-take-over-xyz.
@technicaljunkie which kind?
from can-i-take-over-xyz.
Hi,
I've got the fingerprint The specified bucket does not exist
However, when I dig
for dns records using dig +nocmd +noall +answer CNAME sub.domain.com
I get nothing on CNAME record ?
Does it mean some measures have already been taken ? can I take it over ?
Thank you in advance
from can-i-take-over-xyz.
Do you mean traceroute
?
from can-i-take-over-xyz.
Well, either dig or ping got me the IP address. And it is located in Zurich. Now the question is the bucket name is unknown.
from can-i-take-over-xyz.
CNAME of sub.domain.com does not show a domain of format ^[a-z0-9.-]{0,63}.?s3.amazonaws.com$
But curl -v does return the fingerprint.
from can-i-take-over-xyz.
I've got the bucket name, so unfortunate the name is already taken 😕😕
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?
Got this errror solved in some of my takeovers
from can-i-take-over-xyz.
I was checking for subdomain takeover and got a s3 bucket which doesn't exists and confirmed the takeover vulnerability with subzy, but the problem is im not able to create bucket with the vulnerable domain name, its says, Bucket with the same name already exists, so how to takeover this bucket??
from can-i-take-over-xyz.
I was checking for subdomain takeover and got a s3 bucket which doesn't exists and confirmed the takeover vulnerability with subzy, but the problem is im not able to create bucket with the vulnerable domain name, its says, Bucket with the same name already exists, so how to takeover this bucket??
It can possibly be a honeypot i saw same during one target else confirm you are entering bucket name because sometimes it's not same as host url
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?
@soynek did you ever find a solution to this? If so, how did you fix it?
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
Bucket region mismatch change region
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
In your case us-west-2 is region
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
Bucket region mismatch change region
@GDATTACKER-RESEARCHER how can you find out which one you need to change to out of the 22 options?
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
Bucket region mismatch change region
@GDATTACKER-RESEARCHER how can you find out which one you need to change to out of the 22 options?
Different ways depend on case by case bases by ping, other buckets in use by site, cname etc
from can-i-take-over-xyz.
Is this vulnerable?
asdasd.target.com shows this
<Error>
<Code>NoSuchBucket</Code>
<Message>The specified bucket does not exist.</Message>
<Resource>/asd</Resource>
<RequestId>uzEH...</RequestId>
</Error>
And DIG shows this:
target.com. * IN NS ns-*.awsdns-53.net.
target.com. * IN NS ns-*.awsdns-58.org.
target.com. * IN NS ns-*.awsdns-23.co.uk.
target.com. * IN NS ns-*.awsdns-44.com.
* - Stars are in the place of some numbers
from can-i-take-over-xyz.
Is this vulnerable? asdasd.target.com shows this
<Error> <Code>NoSuchBucket</Code> <Message>The specified bucket does not exist.</Message> <Resource>/asd</Resource> <RequestId>uzEH...</RequestId> </Error>
And DIG shows this:
target.com. * IN NS ns-*.awsdns-53.net. target.com. * IN NS ns-*.awsdns-58.org. target.com. * IN NS ns-*.awsdns-23.co.uk. target.com. * IN NS ns-*.awsdns-44.com.
* - Stars are in the place of some numbers
Yes
from can-i-take-over-xyz.
Is this vulnerable? asdasd.target.com shows this
<Error> <Code>NoSuchBucket</Code> <Message>The specified bucket does not exist.</Message> <Resource>/asd</Resource> <RequestId>uzEH...</RequestId> </Error>
And DIG shows this:
target.com. * IN NS ns-*.awsdns-53.net. target.com. * IN NS ns-*.awsdns-58.org. target.com. * IN NS ns-*.awsdns-23.co.uk. target.com. * IN NS ns-*.awsdns-44.com.
* - Stars are in the place of some numbers
Yes
Have you tried?
from can-i-take-over-xyz.
Is this vulnerable? asdasd.target.com shows this
<Error> <Code>NoSuchBucket</Code> <Message>The specified bucket does not exist.</Message> <Resource>/asd</Resource> <RequestId>uzEH...</RequestId> </Error>
And DIG shows this:
target.com. * IN NS ns-*.awsdns-53.net. target.com. * IN NS ns-*.awsdns-58.org. target.com. * IN NS ns-*.awsdns-23.co.uk. target.com. * IN NS ns-*.awsdns-44.com.
* - Stars are in the place of some numbers
Yes
Have you tried?
🤣😂 nice question i still hai 15 buckets claimed i guess
from can-i-take-over-xyz.
Is this vulnerable? asdasd.target.com shows this
<Error> <Code>NoSuchBucket</Code> <Message>The specified bucket does not exist.</Message> <Resource>/asd</Resource> <RequestId>uzEH...</RequestId> </Error>
And DIG shows this:
target.com. * IN NS ns-*.awsdns-53.net. target.com. * IN NS ns-*.awsdns-58.org. target.com. * IN NS ns-*.awsdns-23.co.uk. target.com. * IN NS ns-*.awsdns-44.com.
* - Stars are in the place of some numbers
Yes
Have you tried?
🤣😂 nice question i still hai 15 buckets claimed i guess
Good for you, thanks for the help!!
from can-i-take-over-xyz.
Hello everyone,
I can confirm this takeover is still possible, adding some details:
- If you get an error as 'the bucket .... already exists' --> it's not vulnerable.
- A CNAME pointing to a AWS domain name is not necessary. I took a bucket that was pointing to several IP addresses. The relevant part is the response fingerprint.
- The error with
Code: IncorrectEndpoint
can be fixed removing and creating the bucket in another region. It takes around 1 hour for the bucket to be removed, before that you won't be able to create it. Use AWS Cli to automate this part.- If you are getting
Access denied
errors, check this guide
i try to take subdomain from s3 bucket, if i try access subdomain ex : sub.domain.com always return error 403. but if i access sub.domain.com/index.html it can be open normally. whats the problem?
from can-i-take-over-xyz.
@radiustama77 AWS has very granular permission controls. Opening sub.domain.com/ needs s3:ListBucket permission which you don't have. However, you do have permission to s3:GetObject so if you can guess the name of the file, you will be able to get it. Based on the behavior you described, subdomain takeover is not possible. Also, it seems that bucket files are intended to be public based on 'index.html' filename implications. You may try brute-forcing for filenames and see if you get something sensitive (with gobuster for example).
what i mean is, i already can takeover several subdomain. but for some subdomain, whenever i try to access with subdomain.example.com it return to error 403 access denied. But if i access it with subdomain.example.com/index.html it works and normal.
from can-i-take-over-xyz.
@radiustama77 AWS has very granular permission controls. Opening sub.domain.com/ needs s3:ListBucket permission which you don't have. However, you do have permission to s3:GetObject so if you can guess the name of the file, you will be able to get it. Based on the behavior you described, subdomain takeover is not possible. Also, it seems that bucket files are intended to be public based on 'index.html' filename implications. You may try brute-forcing for filenames and see if you get something sensitive (with gobuster for example).
what i mean is, i already can takeover several subdomain. but for some subdomain, whenever i try to access with subdomain.example.com it return to error 403 access denied. But if i access it with subdomain.example.com/index.html it works and normal.
That's because you have not specified index files in static hosting which you need to for index page. Else it keep coming up with error 403
from can-i-take-over-xyz.
@GDATTACKER-RESEARCHER I already specified the index file in static hosting.
the url from s3 amazon work properly too like subdomain.s3-website-us-east-1.amazonaws.com but error still happened when i try to access via subdomain.example.com
from can-i-take-over-xyz.
It means that the ,bucket is not available for takeovers.
from can-i-take-over-xyz.
Yes it is not possible to claim this one as it's already in use just the permissions for static hosting has been disabled
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
In your case us-west-2 is region
how to know the region?
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
In your case us-west-2 is region
how to know the region?
simply change the region to us-west-2 in your case for domain girishsarwal.me
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
from can-i-take-over-xyz.
id 64053 opcode QUERY rcode NOERROR flags QR RD RA ;QUESTION girishsarwal.me. IN CNAME ;ANSWER ;AUTHORITY something.me. 899 IN SOA ns-732.awsdns-27.net. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400 ;ADDITIONAL
in s3 bucket, i'm facing this problem. What's solution for this ?@soynek did you ever find a solution to this? If so, how did you fix it?
In your case us-west-2 is region
how to know the region?
simply change the region to us-west-2 in your case for domain girishsarwal.me
like in this how i can get the correct region to create a bucket with this domains
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
what the common methods? to get the region
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
simply you can also reffer ip history to find the exact ip range matching your vulnerable domain ip https://ip-ranges.amazonaws.com/ip-ranges.json
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
simply you can also reffer ip history to find the exact ip range matching your vulnerable domain ip https://ip-ranges.amazonaws.com/ip-ranges.json
i check the ip for my site with the ping , and then use method like you do to check ip ranges in the amazon prefix but didnt found how i can get the region ? if the ip not avalaibe in that data you send
from can-i-take-over-xyz.
Using other bucket used by websites's default location, using the ip ranges of bucket, use aws-cli to know region etc
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
simply you can also reffer ip history to find the exact ip range matching your vulnerable domain ip https://ip-ranges.amazonaws.com/ip-ranges.json
i check the ip for my site with the ping , and then use method like you do to check ip ranges in the amazon prefix but didnt found how i can get the region ? if the ip not avalaibe in that data you send
Ip range is available if you know networking you should know easily your ip range is mentioned there.
from can-i-take-over-xyz.
girishsarwal.me
yeah i mean how to know the region of the domain?
simply try common methods if not possible by that you need to change regions after every 2 hours until you get right one
simply you can also reffer ip history to find the exact ip range matching your vulnerable domain ip https://ip-ranges.amazonaws.com/ip-ranges.json
i check the ip for my site with the ping , and then use method like you do to check ip ranges in the amazon prefix but didnt found how i can get the region ? if the ip not avalaibe in that data you send
Ip range is available if you know networking you should know easily your ip range is mentioned there.
example this endpass.com this i lookup ip
and got 104.21.37.171 after that i check in iprange prefix amazon but still didnt find , can you give advice?
from can-i-take-over-xyz.
why you need script for it when you can do manually.
from can-i-take-over-xyz.
Hi guys, is this still vulnerable?
I get an error that the bucket name is already taken.🤔
from can-i-take-over-xyz.
Bucket with the same name already exists
Is this edge case now?
from can-i-take-over-xyz.
Bucket with the same name already exists
Is this edge case now?
No
from can-i-take-over-xyz.
Related Issues (20)
- Squarespace ( is this possible for subdomain takeover) HOT 2
- Few services that are not being detected on can-i-take-over-xyz HOT 1
- Squarespace Subdomain Takeover on EdgeCase as Domain Not Claimed HOT 1
- (Page Not Found) pointing to cdne-myjls-admin-int.azureedge.net ( IS THIS VULNERABLE??)
- is this vulnerable?
- Is mailgun.org still vulnerable?? HOT 4
- (404 Web Site not found) Microsoft Azure vulnerable?
- Is fillout.com vulnerable?
- Gemfury fingerprint is very prone to false positiver HOT 1
- cannot set a custom domain at this time.
- squadcast subdomain takeover
- Okta is NOT vulnerable
- Helpscout subdomain takeover HOT 1
- stage-portal Canada Dns? HOT 3
- Subdomain takeover via helpdocs.io
- Subdomain Takeover via Gohire HOT 2
- Does "Sorry, this store is currently unavailable" mention to shopify subdomain takeover? HOT 7
- Subdomain takeover
- Subdomain HOT 1
- Vulunreable or not.. 404 error it will be saying in here .. HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from can-i-take-over-xyz.