Ghost subdomain takeover not possible on 404: Page Not Found The thing you were looking for is no longer here, or never was
gujjuboy10x00 opened this issue · 4 comments
gujjuboy10x00 commented
Service name
This is only possible to takeover if http://vulnerabledomain.ghost.io/ghost/#/signin is redirect to https://offline.ghost.org/#/signin (where vulnerable domain is vulnerable host like adminpatel etc. )
Proof
go to https://adminpatel.ghost.org/ghost/#/signin and takeover it
Kaue-Navarro commented
Hello good afternoon!!
Is this acquisition still possible?
Kaue-Navarro commented
pdelteil commented
Kaue-Navarro commented
First you create a common site there you will get a pseudonym from them.
Then in the account you change it.
https://medium.com/@kauenavarro/bug-bounty-subdomain-takeover-in-target-cname-ghost-io-e5c601a2dd55
So if your case was not the same as mine in terms of configuration within the platform by the target host.
But see my article if it helps you understand the process.