Shopify Real Check with REST API
buckhacker opened this issue · 3 comments
Service name
Shopify
Proof
- Page must contain: Sorry, this shop is currently unavailable.
- CNAME must contain: myshopify.com or shops.myshopify.com
- REST API Query must answer with: "status":"available"
Please read the docs for more details.
Documentation
I wrote a long article and released a small script that performs three types of test (page error message, CNAME and REST API query).
https://medium.com/@thebuckhacker/how-to-do-55-000-subdomain-takeover-in-a-blink-of-an-eye-a94954c3fc75
https://github.com/buckhacker/SubDomainTakeoverTools/blob/master/ShopifySubdomainTakeoverCheck.py
I'm familiar with your article / repository - quite a fan of this work (cottoned onto it early via a GitHub watch).
I'll review this shortly.
A potentially interesting case:
ftp.target.com. 2236 IN CNAME target.com.
target.com. 44 IN A 23.227.38.65
www.target.com. 28 IN CNAME target2.myshopify.com.
target2.myshopify.com. 1928 IN CNAME shops.myshopify.com.
shops.myshopify.com. 15 IN A 23.227.38.74
target.com redirects to www.target.com (301)
In Shopify, target.com and www.target.com were not available, but ftp.target.com was, and I was able to take over the subdomain.
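
The CNAME criterion from the issue would not match ftp.target.com in the case above, because its chain ends at an apex A record and never passes through myshopify.com. The following is an added example for auditing your own zone, not code from the issue or the linked script: it parses the records quoted above and reports how each name reaches Shopify. Treating the two 23.227.38.x addresses as Shopify addresses is an assumption taken from this thread only, and the function names are hypothetical.

```python
# Added example: records are the ones quoted in the thread above.
RECORDS = """\
ftp.target.com. 2236 IN CNAME target.com.
target.com. 44 IN A 23.227.38.65
www.target.com. 28 IN CNAME target2.myshopify.com.
target2.myshopify.com. 1928 IN CNAME shops.myshopify.com.
shops.myshopify.com. 15 IN A 23.227.38.74
"""
SHOPIFY_SUFFIX = "myshopify.com"                 # CNAME criterion from the issue
SHOPIFY_IPS = {"23.227.38.65", "23.227.38.74"}   # assumption: only the two addresses seen in the thread


def parse_records(text):
    """Parse 'name ttl IN type value' lines into CNAME and A lookup tables."""
    cnames, addrs = {}, {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[2] != "IN":
            continue  # skip anything that is not a simple answer line
        name, value = parts[0].rstrip(".").lower(), parts[4].rstrip(".").lower()
        if parts[3] == "CNAME":
            cnames[name] = value
        elif parts[3] == "A":
            addrs.setdefault(name, set()).add(value)
    return cnames, addrs


def cname_chain(name, cnames, max_hops=8):
    """Follow CNAMEs from name; stop on a loop or after max_hops."""
    chain = [name.rstrip(".").lower()]
    while chain[-1] in cnames and len(chain) <= max_hops:
        nxt = cnames[chain[-1]]
        if nxt in chain:
            break
        chain.append(nxt)
    return chain


def classify(name, cnames, addrs):
    """Return 'cname', 'ip-only' or 'not-shopify' for one hostname."""
    chain = cname_chain(name, cnames)
    if any(h == SHOPIFY_SUFFIX or h.endswith("." + SHOPIFY_SUFFIX) for h in chain[1:]):
        return "cname"      # matched by the issue's CNAME criterion
    if addrs.get(chain[-1], set()) & SHOPIFY_IPS:
        return "ip-only"    # reaches Shopify without a myshopify.com CNAME
    return "not-shopify"


if __name__ == "__main__":
    cnames, addrs = parse_records(RECORDS)
    for host in ("ftp.target.com", "target.com", "www.target.com"):
        print(host, classify(host, cnames, addrs))
```

Names reported as `ip-only` are the ones a CNAME-only inventory misses, so each should be checked individually against the domains actually attached to the shop.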