Open Regala opened 6 years ago
No idea how to test this, so happy if you can do the ground work.
Where's an example domain: http://cn.atlassian.sl.smartling.com/
This comes from cn.atlassian.com - there's a CNAME pointing there. However, because there A records, it never reaches the CNAME. I think. Who knows, this is unicorns stuff for me.
is this still takeover-able
paid service :(
I was able to signup, however i was unable to access the Smartling dashboard where we can perform the subdomain configurations. I am yet to explore more. If any of you guys know about this please through some light. If it is a paid service, I am ok to purchase but this should work.
paid service :(
Any more information you have on the Shubam?
@knc331 How did you signup?
Any more information on this?
anything ??
nah nothing!
Any info?
It seams that you can't create a new account.
It seams that you can't create a new account.
I've tried many times to request a demo in order to create an account but no success in the last 6 months.
I think it should be declared 'Not Vulnerable'
Completely manual process, should be Not Vulnerable. @knc331 I think all you did was signed in with Google. You won't be able to do anything with that account aside from logout.
its not vulnerable :(
I was able to signup, however i was unable to access the Smartling dashboard where we can perform the subdomain configurations. I am yet to explore more. If any of you guys know about this please through some light. If it is a paid service, I am ok to purchase but this should work.
How did you sign up?
is this still a non-issue? still finding smartling domains with the "Domain is not configured" text
I can't sign up in smartling? how can I do?
It's the same issue discussed above. I think it's not vulnerable ;)
Has anyone created an account on Smartling? if yes then please share the process
Service name
Smartling is a translation service.
Proof
If the vulnerable domain has a CNAME pointing to e.g. *.smartling.com - open that domain and check for the string:
"Domain is not configured"
This means it should be possible to takeover.
Documentation
Problem here is I can't actually be sure this works. A couple of subdomain takeover tools mention this service as well as this fingerprint, but I can't actually look up any report or blog post specifying this. Furthermore, to have access to smartling it seems you actually have to go through a manual register / validation process (I might be wrong).
The best reference so far is actually smartling documentation here. Reading the article, it doesn't seem any kind of ownership verification is done so, in theory, should be possible to just register a domain and complete the takeover.
If anyone can dig a bit more on this, would be awesome.