Subdomain Takeover at http://gameday.websummit.net
Critical
Vulnerability Details
As i said in the title i found a subdomain takeover vulnerability on the url http://gameday.websummit.net
The url was trying to find a bucket that didn't exist from a probably forgotten dns entry that was at
gameday.websummit.net.s3-website-eu-west-1.amazonaws.com
So i created a bucket with the specified name and uploaded a poc.
POC in the pictures
For more infos please ask...
Actions
View on HackerOneReport Stats
- Report ID: 193056
- State: Closed
- Substate: resolved
- Upvotes: 9