Detect Azure's traffic manager subdomains (trafficmanager.net) - Githubissues

Ice3man543 / SubOver

A Powerful Subdomain Takeover Tool

BSD 2-Clause "Simplified" License

918 stars 198 forks source link

Detect Azure's traffic manager subdomains (trafficmanager.net) #19

Closed menzow closed 5 years ago

menzow commented 5 years ago

Traffic Manager lets you route traffic within Azure. Using cnames to xxx.trafficmanager.net it's sometimes possible to takeover such routing. Portal link: https://portal.azure.com/#create/Microsoft.WebSite

More info: https://azure.microsoft.com/en-us/services/traffic-manager/

screen shot 2018-07-26

ScrubsAndStats commented 5 years ago

In addition to Traffic Manager profiles Cloud Services (.cloudapp.net) and Blob Storages (.blob.core.windows.net) are also vulnerable to Subdomain Takeovers. Which are not detected by SubOver.

Ice3man543 commented 5 years ago

Sorry for the late response, actually the public project is discontinued. Please check https://github.com/haccer/subjack. I am not maintaining this at the moment.