Getservice Subdomain Takeover via Branch.io

  • Reported to Getservice
  • Reported by Haqtify
  • Medium (6.2)
  • $500
  • Published 3 years ago

URL:

http://referrals-test.getservice.com

Description:

I opened referrals-test.getservice.com in the browser and it was redirecting to branch.io, which means anyone can claim it via branch.io. The company should remove the DNS or redirect all to the main domain, rather than leaving it open for an attacker to claim and take over.

CNAME:

Type : CNAME

Domain Name : referrals-test.getservice.com

Canonical Name : custom.bnc.lt

Steps To Reproduce:

1. Go to branch.io

https://dashboard.branch.io

2. Then go to Configuration.

https://dashboard.branch.io/configuration/general

3. Go to the Link Domain section and add the expired domain.

4. Domain takeover successful. Now redirect the user to any malicious domain via referrals-test.getservice.com; I can set evil.com for redirection.
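
For zone owners, the condition in this report (a CNAME still pointing at custom.bnc.lt for a hostname that is no longer claimed in the organisation's own Branch account) can be caught by reconciling the DNS zone against the account's link-domain list. The following is an added example, not part of the original report; the zone records, the example.test names and the claimed-domain list are constructed, and the assumption is that the claimed list is exported by hand from the dashboard.

```python
# Added example: reconcile zone CNAMEs against the link domains actually
# claimed in the third-party account. All sample data below is constructed.

# Third-party CNAME targets to watch; custom.bnc.lt is the target named in the report.
WATCHED_TARGETS = {"custom.bnc.lt"}

# Constructed zone export in "owner TTL class type value" form.
SAMPLE_ZONE = """\
; constructed sample records
www.example.test.            300 IN CNAME example.test.
links.example.test.          300 IN CNAME custom.bnc.lt.
referrals-test.example.test. 300 IN CNAME custom.bnc.lt.
mail.example.test.           300 IN MX    10 mx.example.test.
"""

# Constructed: link domains configured in the organisation's own account
# (assumed to be copied manually from the dashboard's Link Domain section).
CLAIMED_LINK_DOMAINS = {"links.example.test"}


def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().lower().rstrip(".")


def parse_cnames(zone_text):
    """Yield (owner, target) for each CNAME line in a zone export."""
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments, then tokenize
        if (len(fields) >= 5 and fields[2].upper() == "IN"
                and fields[3].upper() == "CNAME"):
            yield normalize(fields[0]), normalize(fields[4])


def find_dangling(zone_text, claimed, watched=WATCHED_TARGETS):
    """Return owners whose CNAME points at a watched third-party target
    but which are not claimed in the organisation's account."""
    claimed = {normalize(d) for d in claimed}
    watched = {normalize(t) for t in watched}
    return sorted(owner for owner, target in parse_cnames(zone_text)
                  if target in watched and owner not in claimed)


if __name__ == "__main__":
    for owner in find_dangling(SAMPLE_ZONE, CLAIMED_LINK_DOMAINS):
        print(f"dangling CNAME: {owner} -> remove the record or claim the domain")
```

Each flagged hostname should either have its CNAME removed or be claimed in the account again, which matches the remediation the reporter recommends.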