Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

leadpages.com possible to takeover #166

Open
GDATTACKER-RESEARCHER opened this issue Sep 3, 2020 · 9 comments
Open

leadpages.com possible to takeover #166

GDATTACKER-RESEARCHER opened this issue Sep 3, 2020 · 9 comments
Labels
vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service.

Comments

@GDATTACKER-RESEARCHER
Copy link

leadpages.com

error page looks like this one
leadpages

Documentation

https://support.leadpages.com/hc/en-us/articles/218820517-Connect-your-domain
@GDATTACKER-RESEARCHER
Copy link
Author

image

@GDATTACKER-RESEARCHER
Copy link
Author

image

@GDATTACKER-RESEARCHER
Copy link
Author

Erro Code

404
This page couldn’t be found,
so let’s get you turned around!
The page you’re looking for may have been moved.
Double check that you have the right web address and give it another go!

@adityathebe
Copy link

The CNAME should be set to custom-proxy.leadpages.net ? Or is the custom-proxy part a variable ?

Closed
@GDATTACKER-RESEARCHER
Copy link
Author

image
in my test case the domain have cloudflare records only

@EdOverflow EdOverflow added the vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service. label Nov 22, 2020
sumgr0 added a commit to sumgr0/subjack that referenced this issue Dec 1, 2020
@sumgr0
Added Leadpages
015143c 
EdOverflow/can-i-take-over-xyz#166
@WRAGG5
Copy link

WRAGG5 commented Jul 22, 2021

this error page doesnt always mean its vulnerable
Capture

anyone can select default error page after adding this to domain

@knowthetech
Copy link

@WRAGG5 sorry sir but the page you are showing is alot different from the poc i showed and secondly manually checking will define better whether it can be or not i am able to do so the issue has been raised

@KAFILTAFISH21
Copy link

The CNAME should be set to custom-proxy.leadpages.net ? Or is the custom-proxy part a variable ?

Me too got the same issue

@rajrathod-code
Copy link

2024-10-03 19_23_55-OneNote for Windows 10
I am also observing the same error. I am not sure how to takeover subdomain via claiming CNAME. Can anyone help?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@adityathebe @EdOverflow @WRAGG5 @GDATTACKER-RESEARCHER @knowthetech @rajrathod-code @KAFILTAFISH21