-
-
Notifications
You must be signed in to change notification settings - Fork 717
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Getresponse.com vulnerable to subdomain takeover #235
Comments
Hmmm, not vulnerable now. |
I remember I could not make the association between the vulnerable domain with the admin interface, I had to open a ticket to the support to make them associate the domain even if it is not associated with any customer. |
working i have tested |
Not working now |
is this still vulnerable? it's showing me that the victim subdomain is used in another account so that i can't register that and connect that here, but I'm unaware of how do they verify, no txt record or other verifications are done by them. So, is this still vulnerable in any other way? and if not, how are they verifying that the victim subdomain doesn't belong to the attacker? is there a bypass to that? looking forward to hearing from someone who has knowledge on this, also @lovepentest what did you see when you tested this, can you share that with us? Thanks, happy hacking! |
It simply means it's already claimed by org or someone but the default page is not changed. |
Do you mean, this service is still vulnerable if not claimed? But, in my case one party has claimed it already, they just haven't changed the landing page right? Thanks, in advance for explaining @GDATTACKER-RESEARCHER 😄 |
Yes |
Thanks for explaining😄 |
Service name
GetResponse - https://www.getresponse.com/
Vulnerable domain which can be takeover
Fingerprint: "Cette landing page n'est plus disponible" (FR)
Steps to takeover
The text was updated successfully, but these errors were encountered: