Closed Bug 1722109 Opened 4 years ago Closed 3 years ago

Subdomain takeover of vigilant-monk.mozillahubstraining.org

Categories

(Websites :: Other, defect)

Product:
Websites
Component:
Other
Type:
defect

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: leo.sta.ls, Unassigned)

References

Details

(Keywords: reporter-external, wsec-takeover, Whiteboard: [reporter-external] [web-bounty-form])

vigilant-monk.mozillahubstraining.org was pointing to a dangling AWS IP.

POC:
http://vigilant-monk.mozillahubstraining.org/dGFrZW92ZXIK.html

Best regards,
Leo

Flags: sec-bounty?
See Also: → 1722108

Thanks Leo

curl http://vigilant-monk.mozillahubstraining.org/dGFrZW92ZXIK.html
Subdomain Takeover POC
Status: UNCONFIRMED → NEW
Type: task → defect
Ever confirmed: true
Keywords: wsec-takeover
Whiteboard: [reporter-external] [web-bounty-form] [verif?] → [reporter-external] [web-bounty-form]
See Also: → 1723372
See Also: → 1732386

Thank you for your report. Subdomain takeovers of domains like this are out of scope of the bug bounty program - please see here for more information.

This subdomain has been deleted

# host vigilant-monk.mozillahubstraining.org
Host vigilant-monk.mozillahubstraining.org not found: 3(NXDOMAIN)
Group: websites-security
Status: NEW → RESOLVED
Closed: 3 years ago
Flags: sec-bounty?
Flags: sec-bounty-hof-
Flags: sec-bounty-
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.