Book Image

Bug Bounty Hunting Essentials

By : Carlos A. Lozano, Shahmeer Amir
Book Image

Bug Bounty Hunting Essentials

By: Carlos A. Lozano, Shahmeer Amir

Overview of this book

Bug bounty programs are the deals offered by prominent companies where-in any white-hat hacker can find bugs in the applications and they will have a recognition for the same. The number of prominent organizations having this program has increased gradually leading to a lot of opportunity for Ethical Hackers. This book will initially start with introducing you to the concept of Bug Bounty hunting. Then we will dig deeper into concepts of vulnerabilities and analysis such as HTML injection, CRLF injection and so on. Towards the end of the book, we will get hands-on experience working with different tools used for bug hunting and various blogs and communities to be followed. This book will get you started with bug bounty hunting and its fundamentals.
Table of Contents (20 chapters)
Title Page
Copyright and Credits
About Packt
Contributors
Preface
Index

Sub-domain takeovers in the wild


In the following sections, we will review some examples of reports about sub-domain takeovers.

Ubiquiti sub-domain takeovers

On February 6 2017, a bug bounty hunter called madrobot published a report about domain takeover in Ubiquiti.

madrobot discovered that one of Ubiquiti's subdomains was pointing to the following Google IP address:

216.58.203.243    moderator.ubnt.com216.58.203.243    ghs.google.com216.58.203.243    ghs.l.google.com

The DNS register for the sub-domain was illustrated in the follow-up evidence, as shown in the following screenshot:

So, when the user entered the sub-domain moderator.ubnt.com from the web browser, it showed Google's page instead, as shown in the following screenshot:

As we can see, any user can claim the sub-domain for themselves and use it to damage Ubiquiti.

Note

If you want to read more about this bug, visit the following link: https://hackerone.com/reports/181665.

Scan.me pointing to Zendesk

On February 16 2016, a security researcher...