Describe DNS/hijacking/事例/starbucks here.
Subdomain Takeover: Starbucks points to Azure https://0xpatrik.com/subdomain-takeover-starbucks/
This post is the write-up about a bug bounty report that I reported back in March 2018 to Starbucks.
- The report is now disclosed, and I was awarded a $2,000 bounty.
Although I have written about subdomain takeover in multiple posts, this case was somehow different.
HackerOne Report
The domain in question was svcgatewayus.starbucks.com.
- The domain pointed to a non-existing resource in Microsoft Azure.
I realized that I have never talked about Microsoft Azure as a potential vector for subdomain takeover.
I have to say that I find the Azure portal very messy.
- IMHO it is a lot more complex than AWS with no significant benefits.
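
The condition described above, a DNS name that still points at an Azure resource that no longer exists, can be audited for in your own zone. The following is an added example, not code from the original post: the zone records, the suffix list (not exhaustive) and all function names are assumptions made for illustration.

```python
import socket

# Azure-managed DNS suffixes under which customers allocate resource names.
# Assumption for this example: the list is illustrative and not exhaustive.
AZURE_SUFFIXES = (
    ".azurewebsites.net", ".cloudapp.net", ".cloudapp.azure.com",
    ".trafficmanager.net", ".blob.core.windows.net", ".azureedge.net",
    ".azure-api.net",
)

# Constructed zone export (name, type, target); these are not real records.
SAMPLE_ZONE = """\
www.example.com.      CNAME  example-web.azurewebsites.net.
gateway.example.com.  CNAME  example-retired-gw.cloudapp.net.
mail.example.com.     CNAME  mail.example.net.
api.example.com.      A      192.0.2.10
"""

def system_resolves(hostname):
    """Return True if the local resolver finds any address for hostname.
    A gaierror can also be a temporary failure, so re-check before acting."""
    try:
        socket.getaddrinfo(hostname, None)
        return True
    except socket.gaierror:
        return False

def parse_cnames(zone_text):
    """Yield (name, target) per CNAME line, lowercased, trailing dot removed."""
    for line in zone_text.splitlines():
        fields = line.split()
        if len(fields) == 3 and fields[1].upper() == "CNAME":
            yield fields[0].rstrip(".").lower(), fields[2].rstrip(".").lower()

def find_dangling_azure_cnames(zone_text, resolves=system_resolves):
    """Return CNAMEs that target an Azure suffix whose target does not resolve."""
    findings = []
    for name, target in parse_cnames(zone_text):
        if target.endswith(AZURE_SUFFIXES) and not resolves(target):
            findings.append((name, target))
    return findings

if __name__ == "__main__":
    for name, target in find_dangling_azure_cnames(SAMPLE_ZONE):
        print(f"DANGLING: {name} -> {target} (remove the record or re-create the resource)")
```

A target that fails to resolve is the clearest signal, but a target that does resolve is not proof that the resource still belongs to you, so reconcile the findings against your Azure resource inventory as well.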