Aslam-O-Alaikum,
Brothers and their Sisters.Today i am Going to Disclose my recent Findings on Iwantmyname(BugCrowd).
According to This Issue I am Able to Fully Takeover a Sub_domain.
Tool Used:-
Knockpy ( A python Sub_Domain Finder)
PoC:-
I just Founded a Sub Domain That is Created With Domain iwantmyname.com
This SubDomain Contains The Nameserver's and DNS Recored of WpEngine But It is not linked with any account of Wp_engine.
This SubDomain Contains The Nameserver's and DNS Recored of WpEngine But It is not linked with any account of Wp_engine.
Replication Steps
1.Go to Wpengine.com
2.Buy a Membership
3.Add domain
http://an.iwantmyname.com/
4.Done
Sub_domain Is Now Of Attacker.
2.Buy a Membership
3.Add domain
http://an.iwantmyname.com/
4.Done
Sub_domain Is Now Of Attacker.
Reward : Kudos
0 comments:
Post a Comment