How I Got 20 points on a Bugcrowd private program.
Hey, it's me, abhishekmorla, back again with another post regarding subdomain takeover.
I came across a private program on Bugcrowd.
The scope was *.example.co
So, I quickly opened up the tool
https://github.com/nahamsec/HostileSubBruteforcer and pasted in the
above site, “example.co”.
It started enumerating the subdomains and checking whether it is
possible to take over each particular subdomain or not.
I got the output shown in the image below:
“Seems like family.example.co is an alias for unbouncepages.com”
For confirmation, I opened the subdomain in my browser and it showed:
“The requested URL was not found on this server.”
okay…
For more, I opened the terminal and typed:
host family.example.co && ping family.example.co
and the outputs were:
“family.example.co is an alias for unbouncepages.com
unbouncepages.com has address 1x.1xx.xx.xx7
unbouncepages.com has address 3.x.xx7.xx8”
“unbouncepages.com (3.x.xx7.xx8)”
That’s enough PoC for the report.
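The same two pieces of evidence (the CNAME line from `host` and the "not found" body from the browser) can be checked automatically when auditing your own zone for dangling records. This is an added example, not code from the original post or from HostileSubBruteforcer; the function names, the fingerprint table and the sample data are assumptions made for illustration.

```python
import re

# Fingerprint taken from this post: the CNAME target and the error text the
# author saw in the browser. Extend the table for other hosted services you use.
FINGERPRINTS = {
    "unbouncepages.com": "The requested URL was not found on this server.",
}

# `host` prints "<name> is an alias for <target>." (trailing dot optional here).
ALIAS_RE = re.compile(r"^(\S+) is an alias for (\S+?)\.?$")


def parse_host_aliases(host_output):
    """Return {name: cname_target} from the text printed by `host <name>`."""
    aliases = {}
    for line in host_output.splitlines():
        m = ALIAS_RE.match(line.strip())
        if m:
            aliases[m.group(1).lower()] = m.group(2).lower()
    return aliases


def classify(name, host_output, http_body):
    """Classify one hostname of your own zone from DNS and HTTP evidence."""
    target = parse_host_aliases(host_output).get(name.lower())
    if target is None:
        return "no-cname"
    for service, marker in FINGERPRINTS.items():
        if target == service or target.endswith("." + service):
            # CNAME still points at the service; is a page still claimed there?
            return "dangling" if marker in http_body else "claimed"
    return "other-target"


# Constructed sample input modelled on the output quoted in the post
# (addresses are documentation-range placeholders, not real values).
SAMPLE_HOST = """family.example.co is an alias for unbouncepages.com.
unbouncepages.com has address 192.0.2.10
unbouncepages.com has address 192.0.2.11
"""
SAMPLE_404 = "<h1>Not Found</h1><p>The requested URL was not found on this server.</p>"
SAMPLE_OK = "<html><title>Family plan</title></html>"

if __name__ == "__main__":
    print(classify("family.example.co", SAMPLE_HOST, SAMPLE_404))
    print(classify("family.example.co", SAMPLE_HOST, SAMPLE_OK))
```

A "dangling" result means the DNS record should be removed, or the page re-claimed on the service, before someone else registers it.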
Thanks For Reading!
LinkedIn : https://www.linkedin.com/in/abhishekmorla/
Twitter : https://twitter.com/abhishekmorla