Comments (3)
@sumgro usually if it is an S3 bucket, the bucket name would be in the HTTP response, in which case you could take over the domain by simply registering that bucket name.
I'm not sure if this is always the case though!
from can-i-take-over-xyz.
@hakluke thanks for the suggestion. I was able to discover the bucket name from the HTTP response.
Now I understand that the S3 bucket is pointed at using the Fastly service.
One more question:
What is the best way to confirm the endpoint given by AWS is the exact match with the one pointed to by the Fastly service?
from can-i-take-over-xyz.
@sumgro You can derive the bucket endpoint from the bucket name using the schema outlined in this doc: https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html
http://bucket.s3.aws-region.amazonaws.com.
http://bucket.s3.amazonaws.com
from can-i-take-over-xyz.
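One way to run the comparison discussed above from the owner's side, as an added example that is not part of the original thread: parse the origin hostname configured in the CDN, derive the endpoints from the bucket name, and check them against an inventory of buckets you control. The function names, result labels and the inventory are hypothetical, and only the two hostname forms quoted in the thread are recognised.

```python
import re

# The two virtual-hosted-style forms quoted in the thread:
#   bucket.s3.amazonaws.com  and  bucket.s3.aws-region.amazonaws.com
_S3_HOST = re.compile(
    r"^(?P<bucket>[a-z0-9][a-z0-9.-]{1,61}[a-z0-9])"
    r"\.s3(?:\.(?P<region>[a-z]{2}(?:-[a-z]+)+-\d))?\.amazonaws\.com$"
)

def normalize(host):
    """Lower-case the name and drop a trailing root dot (DNS names are case-insensitive)."""
    return host.strip().lower().rstrip(".")

def parse_s3_origin(host):
    """Return (bucket, region or None) for an S3 hostname in the forms above, else None."""
    m = _S3_HOST.match(normalize(host))
    return (m.group("bucket"), m.group("region")) if m else None

def expected_endpoints(bucket, region):
    """Endpoints derived from the bucket name and its real region."""
    return {f"{bucket}.s3.amazonaws.com", f"{bucket}.s3.{region}.amazonaws.com"}

def check_origin(origin_host, owned_buckets):
    """Classify a CDN origin hostname against an inventory {bucket_name: region}."""
    parsed = parse_s3_origin(origin_host)
    if parsed is None:
        return "not-s3"
    bucket, _ = parsed
    if bucket not in owned_buckets:
        return "unowned-bucket"   # origin names a bucket missing from the inventory
    if normalize(origin_host) in expected_endpoints(bucket, owned_buckets[bucket]):
        return "match"
    return "region-mismatch"      # right bucket name, endpoint for another region

if __name__ == "__main__":
    # Constructed inventory and origin hostnames, for illustration only.
    owned = {"example-assets": "us-west-2"}
    for origin in (
        "example-assets.s3.us-west-2.amazonaws.com",
        "Example-Assets.s3.amazonaws.com.",
        "old-marketing.s3.amazonaws.com",
        "example-assets.s3.eu-west-1.amazonaws.com",
        "origin.example.net",
    ):
        print(f"{origin:45} {check_origin(origin, owned)}")
```

Any origin reported as `unowned-bucket` is a CDN service still pointing at a bucket name that is not in your account inventory and should be removed or repointed.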