Open AmanShahid opened 4 years ago
Hi @AmanShahid
Thank you for sharing the report. Going to uberflip.com for account setup, I could not see any way to sign up for a service. Request you to kindly share the process/URL to sign up for the service to understand the process of hosting a POC for the takeovers.
Best, sumgr0
Some websites might not be added to an Uberflip account; however, it is not possible for takeover. Registering for an account is not possible; you have to book a demo with the sales team.
The HackerOne report that was linked above was an empty takeover; they didn't actually perform it. I find it highly unlikely that someone could register with their sales team pretending to be that company.
Should this be closed as not possible?
Service name
Uberflip
Proof
https://hackerone.com/reports/863551
Documentation
If the subdomain shows the error "Non-hub domain, The URL you've accessed does not provide a hub. Please check the URL and try again." and is pointing toward read.uberflip.com, then it is vulnerable to takeover because, according to Uberflip, "The only protection is the customer’s proper management of their subdomains. For this reason, we do not recommend customers point wildcards to us, and that they follow DNS management best practices by periodically reviewing all their hostnames and subdomains."
Thanks, Aman Shahid https://twitter.com/amansmughal
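
An inventory check built from the fingerprint and the vendor advice quoted in the report above, as an added example that is not part of the original issue or the project's code: it flags an organization's own records that point at read.uberflip.com and return the "Non-hub domain" error, plus wildcard records pointing there, so they can be reviewed and cleaned up. The `Record` type, the verdict names and the sample inventory are constructed for illustration.

```python
"""Review an owned DNS inventory for hostnames left pointing at Uberflip."""
from dataclasses import dataclass

UBERFLIP_TARGET = "read.uberflip.com"  # CNAME target named in the report
NON_HUB_MARKER = "non-hub domain"      # start of the error text quoted in the report


@dataclass
class Record:            # hypothetical shape of one row of a zone export
    host: str            # hostname from your own zone
    cname: str           # CNAME target stored for that hostname
    body: str            # response body already collected for it ("" if none)


def _norm(name):
    """Compare DNS names case-insensitively and without the trailing dot."""
    return name.strip().rstrip(".").lower()


def classify(rec):
    if _norm(rec.cname) != UBERFLIP_TARGET:
        return "not-uberflip"
    if rec.host.startswith("*."):
        # The vendor text quoted in the report advises against wildcards.
        return "wildcard-to-uberflip"
    if NON_HUB_MARKER in rec.body.lower():
        return "dangling-no-hub"   # points at Uberflip but no hub answers
    return "hub-served"


def audit(records):
    """Return {hostname: verdict} for the records that need DNS review."""
    review = ("wildcard-to-uberflip", "dangling-no-hub")
    return {_norm(r.host): classify(r) for r in records if classify(r) in review}


# Constructed sample inventory (example.com names, not real data).
SAMPLE = [
    Record("resources.example.com", "read.uberflip.com.",
           "<h1>Non-hub domain</h1> The URL you've accessed does not provide a hub."),
    Record("hub.example.com", "READ.uberflip.com", "<title>Example Hub</title>"),
    Record("*.content.example.com", "read.uberflip.com", ""),
    Record("www.example.com", "cdn.example.net", "Non-hub domain"),
]

if __name__ == "__main__":
    for host, verdict in audit(SAMPLE).items():
        print(f"{host}: {verdict}")
```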