search

EdOverflow / can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Creative Commons Attribution 4.0 International
4.87k stars 716 forks source link

Subdomain takeover via bubble.io #382

Open sofyanmoch opened 1 year ago

sofyanmoch commented 1 year ago

Service name

bubble.io

Cname: app.bubble.io

Proof

  1. Register bubble.io ,
  2. create page
  3. custom domain
  4. deploy

Vuln example

Screenshot 2023-09-30 at 07 49 04

Proof

Screenshot 2023-09-30 at 07 49 44

Documentation

https://manual.bubble.io/help-guides/optimizing-an-application/hosting-and-scaling/domain-and-dns