Adding Pantheon #24

Closed
0x00xx opened this issue Jul 23, 2018 · 32 comments
Labels
vulnerable

Comments


@0x00xx 0x00xx commented Jul 23, 2018

Hey,

I just wanted to submit another website: Pantheon.

Reference: https://medium.com/@hussain_0x3c/hostile-subdomain-takeover-using-pantheon-ebf4ab813111


@codingo codingo commented Jul 27, 2018

Just letting you know we're not ignoring this one - just trying to carve out some time to properly test it.


@0x00xx 0x00xx commented Jul 27, 2018

Sure, take your time. Thanks for the follow up information!

@EdOverflow EdOverflow added the vulnerable label Sep 9, 2018

@codingo codingo commented Apr 11, 2019

Resolved with #83

@codingo codingo closed this as completed Apr 11, 2019

@omaramin17 omaramin17 commented Apr 22, 2020

I think it doesn't work anymore.


@agrawalsmart7 agrawalsmart7 commented May 16, 2020

Yup agreed with @omaramin17.


@aadityao1 aadityao1 commented Sep 2, 2020

Hey,

> Hey,
>
> I just wanted to submit another website: Pantheon.
>
> Reference: https://medium.com/@hussain_0x3c/hostile-subdomain-takeover-using-pantheon-ebf4ab813111

Did you find a fix for this?


@cyberblackhole cyberblackhole commented Sep 5, 2020

I just tried it and I confirm it is not possible to takeover. Any other update so far?


@wae23123wq wae23123wq commented Sep 9, 2020

> I just tried it and I confirm it is not possible to takeover. Any other update so far?

Is it not possible to take over on Pantheon anymore?


@pdelteil pdelteil commented Sep 23, 2020

I just took over many Pantheon subdomains.

You need to activate your account using a credit card. I used a virtual credit card and it worked for free.


@aadityao1 aadityao1 commented Sep 23, 2020

Pantheon is vulnerable.

Did many takeovers this month.


@cyberblackhole cyberblackhole commented Sep 24, 2020

@aadityao1 @pdelteil can you please mention the steps in detail.


@pdelteil pdelteil commented Sep 24, 2020

Sure, I will, just need some time.


@rockybhai0516 rockybhai0516 commented Nov 16, 2020

@pdelteil update the steps bro


@united36 united36 commented Jan 25, 2021

Hello,

Any dork for this?


@spencer5cent spencer5cent commented Feb 9, 2021

Hey, I recently found a page with the Pantheon 404 error. I made an account and paid the $50 dollar signup fee. But when I tried to add the vulnerable subdomain, it gave me a “this domain belongs to another organization.” So I can't say for sure if it's totally impossible to take over in all situations, but for me it didn't work and I sadly lost money in the process. Thanks for your work!


@pdelteil pdelteil commented Feb 10, 2021

> Sure, I will, just need some time.

Here..

https://pdelteil.medium.com/how-i-took-over-several-stanford-subdomains-also-let-me-explain-you-the-pain-to-report-it-d84b08704be8

I used a virtual credit card with no funds to bypass the payment step.


@pdelteil pdelteil commented Apr 29, 2021

I can confirm it's possible still to take over Pantheon domains.

Using a virtual credit card I managed to bypass the payment of 50 dollars.


@pdelteil pdelteil commented Aug 5, 2021

> I can confirm it's possible still to take over Pantheon domains.
>
> Using a virtual credit card I managed to bypass the payment of 50 dollars.

It might not be vulnerable anymore.

```
;
; ANSWER SECTION:
xx.yy.com.	120	IN	CNAME	xx.yy.com.
zz.yy.com.	120	IN	A	23.185.0.3
```
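A defender-side check that the dig output above invites, written as an added example that is not from this thread or the project it belongs to: it parses records in that ANSWER SECTION layout, follows each CNAME chain, and flags zone names that reference a Pantheon host without resolving to a Pantheon address, so a zone owner can review those records. The `.pantheonsite.io.` suffix and all sample names are assumptions; 23.185.0.3 is the address quoted in the thread.

```python
import re
from typing import Dict, Tuple

# Constructed sample in the dig ANSWER SECTION layout quoted above; 23.185.0.3 is from the page.
SAMPLE_ANSWERS = """\
;
; ANSWER SECTION:
www.example.test.	120	IN	CNAME	live-example.pantheonsite.io.
live-example.pantheonsite.io.	120	IN	A	23.185.0.3
old.example.test.	120	IN	CNAME	stale-example.pantheonsite.io.
self.example.test.	120	IN	CNAME	self.example.test.
api.example.test.	120	IN	A	203.0.113.10
"""
PANTHEON_IPS = {"23.185.0.3"}          # the only Pantheon address on the page
PANTHEON_SUFFIX = ".pantheonsite.io."  # assumption: Pantheon's platform domain
RR_LINE = re.compile(r"^(\S+)\s+\d+\s+IN\s+(CNAME|A)\s+(\S+)$")

def parse_answers(text: str) -> Dict[str, Tuple[str, str]]:
    """Map owner name -> (rrtype, rdata) for CNAME/A lines; ';' lines skipped."""
    records = {}
    for line in text.splitlines():
        m = RR_LINE.match(line.strip())
        if m:
            records[m.group(1)] = (m.group(2), m.group(3))
    return records

def classify(name: str, records: Dict[str, Tuple[str, str]], max_hops: int = 8) -> str:
    """Follow the CNAME chain from `name` and say how it relates to Pantheon:
    pantheon-resolved    chain ends at a Pantheon address, so a site is serving
    pantheon-unresolved  a Pantheon host is named but has no A record here; review it
    not-pantheon         chain ends elsewhere, or the name has no record at all
    loop                 the chain never terminates (like the self-referencing CNAME above)
    """
    current, via_pantheon = name, False
    for _ in range(max_hops):
        rr = records.get(current)
        if rr is None:
            return "pantheon-unresolved" if via_pantheon else "not-pantheon"
        rrtype, rdata = rr
        if rrtype == "A":
            return "pantheon-resolved" if rdata in PANTHEON_IPS else "not-pantheon"
        via_pantheon = via_pantheon or rdata.endswith(PANTHEON_SUFFIX)
        current = rdata
    return "loop"

def audit(text: str) -> Dict[str, str]:
    """Classify every owner in the answer set that is not itself a Pantheon host."""
    records = parse_answers(text)
    return {n: classify(n, records) for n in records if not n.endswith(PANTHEON_SUFFIX)}
```

Feed it the ANSWER SECTION of a dig run over your own zone's CNAMEs; the "pantheon-unresolved" entries are the ones to confirm are bound to an active Pantheon site or to remove.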


@Dum7c Dum7c commented Sep 10, 2021

Is there an up-to-date way to get around the $50 payment?


@pdelteil pdelteil commented Sep 10, 2021

Reach me over twitter if you need to test a takeover


@pdelteil pdelteil commented Oct 5, 2021

I think it's not possible to perform this take over anymore.



@pdelteil pdelteil commented Oct 6, 2021

So, this is an edge case, since some subdomains are vulnerable while others are not. I don't know the reason.
You will just need to try whether the takeover works.


@Phoenix1112 Phoenix1112 commented Dec 21, 2021

@pdelteil Although a site using Pantheon does not have the word "dev" in its CNAME, this subdomain adds "dev-" to the beginning when I take over the address. What is the reason for this?


@pdelteil pdelteil commented Dec 22, 2021

> @pdelteil Although a site using Pantheon does not have the word "dev" in its CNAME, this subdomain adds "dev-" to the beginning when I take over the address. What is the reason for this?

I don't really know, that seems to be new on the site.


@niemand-sec niemand-sec commented Dec 22, 2021

Is this still possible? I have access to the Basic subscription, however, I'm getting the error:

You cannot add the domain XXXXXX as it belongs to another organization. If you believe you've received this message in error, please contact Pantheon support.

Maybe the company has an enterprise subscription with the domain that causes this error?


@pdelteil pdelteil commented Dec 24, 2021

> Is this still possible? I have access to the Basic subscription, however, I'm getting the error:
>
> You cannot add the domain XXXXXX as it belongs to another organization. If you believe you've received this message in error, please contact Pantheon support.
>
> Maybe the company has an enterprise subscription with the domain that causes this error?

Hello, I haven't tried lately. If you can't add a specific domain doesn't mean you can't add others.


@niemand-sec niemand-sec commented Dec 29, 2021

Thanks for the answer @pdelteil, what do you mean by others? Despite not being able to add vuln.company.com, what would be the purpose of adding not-vuln.company.com? I would really appreciate it if you could explain further.

Thanks!


@pdelteil pdelteil commented Dec 30, 2021

> Thanks for the answer @pdelteil, what do you mean by others? Despite not being able to add vuln.company.com, what would be the purpose of adding not-vuln.company.com? I would really appreciate it if you could explain further.
>
> Thanks!

What I meant is, if one domain is not vulnerable it doesn't mean other domains are not vulnerable. You just need to try them all.


@pdelteil pdelteil commented Feb 27, 2022

> Guys just don't ask this b*tch for help: @pdelteil He will know the vulnerable domain from you, and try to block you for literally no valid reason!

> Reach me over twitter if you need to test a takeover

I won't tolerate abusive and rude behavior. I have helped many researchers, almost all of them were respectful and we agreed on the terms of the collaboration.

You insulting me describes very well your character.


@Abdullah-4fg Abdullah-4fg commented Feb 27, 2022

@pdelteil I regret asking for help from you..
All I needed was to confirm whether the domain can be hosted or not (because I don't have a Pantheon professional account), of which I didn't get the answer... Instead you are asking for program details?!

Since you know the domain name now, go ahead and report it, I don't care now!


@vansh1 vansh1 commented Mar 8, 2022

@pdelteil what's your Twitter i want to get subdomain checked


@pdelteil pdelteil commented Mar 8, 2022

> @pdelteil what's your Twitter, I want to get a subdomain checked

Hi, I no longer have a paid account on Pantheon.
