Subdomain Takeover via smugmug
m7mdharoun opened this issue · 3 comments
m7mdharoun commented
Smugmug
Proof To Takeover
- Create your custom subdomain on SmugMug, for example: your-custom.smugmug.com
- Go to https://your-custom.smugmug.com/settings?nick=your-custom
- Scroll down and add the vulnerable domain
Note:
The CNAME of the vulnerable subdomain must be SmugMug's CNAME (domains.smugmug.com)
bluedangerforyou commented
I see a lot of cloudfront.net, so the CNAME answer must be domains.smugmug.com to be vulnerable, correct?
m7mdharoun commented
Yes, that's right, the CNAME must be domains.smugmug.com.
There are also premium domains from SmugMug where the CNAME is your-custom.smugmug.net,
and those you can't take over! Only the CNAME domains.smugmug.com
is possible to take over, if your account on SmugMug expired.
bluedangerforyou commented
Thank you.
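
A defender-side check for the condition discussed in this thread, as an added example (not code from the issue or its commenters): it audits a DNS zone export for CNAME records pointing at domains.smugmug.com, so each one can be confirmed against an active SmugMug account or removed. The zone data, the example.com names and the status labels are constructed for illustration.

```python
import re

# Per the thread: only a CNAME to this exact host matches the reported condition.
SHARED_TARGET = "domains.smugmug.com"
# Per the thread: premium CNAMEs (<nick>.smugmug.net) cannot be taken over.
PREMIUM_SUFFIX = ".smugmug.net"

# Constructed sample zone export (BIND style); all names are placeholders.
SAMPLE_ZONE = """\
$ORIGIN example.com.
photos   3600 IN CNAME domains.smugmug.com.
gallery       IN CNAME Domains.SmugMug.com.
prints    300 IN CNAME your-custom.smugmug.net.
cdn           IN CNAME d111111abcdef8.cloudfront.net.
www           IN A     192.0.2.10
; old         IN CNAME domains.smugmug.com.
"""

CNAME_RE = re.compile(r"^(\S+)\s+(?:\d+\s+)?(?:IN\s+)?CNAME\s+(\S+)$", re.I)

def absolute(name, origin):
    """Lower-case a zone-file name and make it fully qualified (no final dot)."""
    name = name.lower()
    if name == "@":
        return origin
    if name.endswith("."):
        return name[:-1]
    return f"{name}.{origin}" if origin else name

def audit_zone(zone_text):
    """Return (owner, target, status) for every CNAME record in zone_text."""
    origin, findings = "", []
    for raw in zone_text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop comments
        if line.upper().startswith("$ORIGIN"):
            origin = line.split()[1].rstrip(".").lower()
            continue
        match = CNAME_RE.match(line)
        if not match:
            continue
        owner, target = (absolute(g, origin) for g in match.groups())
        if target == SHARED_TARGET:
            status = "review"    # confirm an active SmugMug account claims it
        elif target.endswith(PREMIUM_SUFFIX):
            status = "premium"
        else:
            status = "other"
        findings.append((owner, target, status))
    return findings
```

Calling `audit_zone(SAMPLE_ZONE)` marks `photos` and `gallery` as `review`; the commented-out record and the A record are ignored.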