Full Sub Domain Takeover at s3.websummit.net
Unknown
Vulnerability Details
Hey
The sub domain at `s3.websummit.net` is pointing to `dws-content.s3-website-eu-west-1.amazonaws.com.`
> http://s3.websummit.net/
````
404 Not Found
Code: NoSuchBucket
Message: The specified bucket does not exist
BucketName: s3.websummit.net
RequestId: DB4C92F0D805D3F3
HostId: NdSB/5EgNAiQz7B2pjzfBy5QwA6977cvAroA5vCyqfSsPR3nZLgdEyv4vQA4NCISzpILKP0WddM=
````
This means that the bucket has now expired and this can now be claimed and content can be hosted on behalf of `http://s3.websummit.net/`
Actions
View on HackerOneReport Stats
- Report ID: 173412
- State: Closed
- Substate: resolved
- Upvotes: 5