Skip to content

Gumfury subdomain takeover #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
khaledibnalwalid opened this issue Jun 24, 2020 · 12 comments
Closed

Gumfury subdomain takeover #154

khaledibnalwalid opened this issue Jun 24, 2020 · 12 comments
Labels
vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service.

Comments

@khaledibnalwalid
Copy link

khaledibnalwalid commented Jun 24, 2020
edited
Loading

Service name

Gumfury

Proof

https://khaledibnalwalid.wordpress.com/2020/06/25/gemfury-subdomain-takeover/

Edit 20 May 2025

it has been patched now
adiffpirate added a commit to adiffpirate/can-i-take-over-xyz that referenced this issue Jul 19, 2020
@adiffpirate
New services
d35d2ee 
Added:

- Gemfury EdOverflow#154
- Uberfilp EdOverflow#150
- Agile CRM EdOverflow#145
- Pingdom EdOverflow#144
- Worksites EdOverflow#142
@adiffpirate adiffpirate mentioned this issue Jul 19, 2020
Merged
manasmbellani pushed a commit to manasmbellani/subjack that referenced this issue Aug 16, 2020
fingerprints.json: Added check for gemfury subdomain takeover. Taken …
931ba79 
…from: EdOverflow/can-i-take-over-xyz#154
manasmbellani pushed a commit to manasmbellani/subjack that referenced this issue Aug 16, 2020
fingerprints.json: Added check for gemfury subdomain takeover. Taken …
91c3a20 
…from: EdOverflow/can-i-take-over-xyz#154
@manasmbellani manasmbellani mentioned this issue Aug 16, 2020
Open
@EdOverflow EdOverflow added the vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service. label Feb 3, 2021
@th3r4id
Copy link

th3r4id commented Aug 26, 2022
edited
Loading

Looks like edge case now getting an error "Name already exists" @EdOverflow

@0xAm225
Copy link

0xAm225 commented Dec 27, 2022

Looks like edge case now getting an error "Name already exists" @EdOverflow

Looks like edge case now getting an error "Name already exists" @EdOverflow

true, i just got the same, but also the page looks differecent then @khaledibnalwalid shared, looks something like http request logging, i tried to claim it but it said "Name Already Exists"

@ZishanAdThandar
Copy link

LOOKS LIKE NOT VULNERABLE

I scanned with subzy. Result showed like that. And during takeover it shows "Name already exists".

1
2

@0xAm225
Copy link

0xAm225 commented Jan 4, 2023

LOOKS LIKE NOT VULNERABLE

I scanned with subzy. Result showed like that. And during takeover it shows "Name already exists".

1 2

Exactly same with me lol, i also used subzy and then tried to claim it but it says the name is already taken

@bhataasim1
Copy link

I think this is NOT VULNERABLE

@wadethrillson
Copy link

i added names to my domains but now it says dns validation issue. how to fix that?

@itsryuku
Copy link

Thu May 23 10:32:27 AM EDT 2024, didn't work for me.

@khaledibnalwalid
Copy link
Author

I think it has been resolved from the vendor

@ceylanb
Copy link

ceylanb commented Nov 25, 2024

Not vulnerable. I tried 10+ subdomains matching the vulnerability conditions, but "Name already exists" returned.

@hackinwolf
Copy link

Looks like this issue is patched. Before activating the domain, you'll need to verify ownership by adding a CNAME record to your DNS settings.

Image

@Varnan-07
Copy link

Looks like this issue is patched. Before activating the domain, you'll need to verify ownership by adding a CNAME record to your DNS settings.

Image

Bro same thing happened to me what to do next pls any one help me

@Varnan-07
Copy link

Bro that subdomain added but it show not configured what to do
Is it vulnerable or patched?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
vulnerable Someone has provided proof in the issue ticket that one can hijack subdomains on this service.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
12 participants
@ceylanb @ZishanAdThandar @EdOverflow @th3r4id @khaledibnalwalid @itsryuku @bhataasim1 @hackinwolf @wadethrillson @0xAm225 @Varnan-07 and others