If you enjoy what I do, please support me Buy Me Ko-fi! https://ko-fi.com/h0tak88r
Last updated
In the name of ALLAH the most gracious the most merciful
So today i will talk about how i got my critical subdomain takeover on ford motors
Ford is a family company, one that spans the globe and has shared ideals. We value service to each other and the world as much as to our customers. Generations ...
First i collected subdomains using subfalcon
So here i used my another go tool subov88r
The results was something like
the result that talk my attention was like
So i quickly started to look into this subdomain but the httpx tool didn't recognize this subdomain as a valid domain
Then i decided to see this subdomain in the browser and as i expected\
Ok let's check can i take over xyz project
https://github.com/EdOverflow/can-i-take-over-xyz/issues/35 Oh no they say that it is not vulnerable
Still, I didn't give up. I decided to investigate on my own, and guess what? I found out that there was indeed an issue, and I successfully took control of it. It's always good to double-check! 🛡️🌐
Undeterred, I decided to manually investigate, and voila! Success – I managed to take over the CNAME <vulnerable>.trafficmanager.com . Always good to verify! 🛡️🌐
Then reported the issue with HIGHT severity and the Team changed the severity to Critical and triaged my report Update: Issue Resolved !!
