Uber's sub-domain takeover

On December 12, 2016, the bug bounty hunter Frans Rosén published a sub-domain takeover affecting Uber.

Frans Rosén detected that the sub-domain rider.uber.com was broken for three hours: its DNS record pointed to a CloudFront distribution that no longer existed, as shown in the following screenshot:

Frans Rosén took advantage of this and claimed the sub-domain in CloudFront, creating the following proof of concept:

The impact of this was critical, even though it was a temporary error on Uber's side, because rider.uber.com is one of the most-visited URLs in the Uber application.
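The condition behind this bug is a DNS record that still points at a cloud hostname nobody currently owns. As an added example (not from the book, the HackerOne report, or Uber), the following Python audits a BIND-style zone export for exactly that: CNAMEs whose target sits on a takeover-prone provider and no longer resolves. The zone lines, hostnames and resolver answers are constructed for the demo, and the provider suffix list is illustrative rather than complete.

```python
"""Audit a zone export for dangling CNAMEs pointing at cloud hostnames.

Added example, not from the book or the report. Zone data, hostnames and
the offline resolver answers below are constructed for the demo.
"""
import socket
from dataclasses import dataclass

# Provider suffixes where an unclaimed target answers NXDOMAIN or a
# provider-branded "not found" page. Illustrative list, not exhaustive.
TAKEOVER_PRONE_SUFFIXES = (
    ".cloudfront.net",
    ".s3.amazonaws.com",
    ".herokuapp.com",
    ".azurewebsites.net",
    ".github.io",
)


@dataclass(frozen=True)
class Finding:
    name: str
    target: str
    reason: str


def parse_zone(text):
    """Return (name, target) pairs for CNAME records in a zone export.

    Accepts lines of the form "name [ttl] [IN] CNAME target"; ';' comments
    and non-CNAME records are ignored.
    """
    records = []
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        fields = line.split()
        upper = [f.upper() for f in fields]
        if "CNAME" not in upper:
            continue
        idx = upper.index("CNAME")
        if idx + 1 >= len(fields):
            continue  # malformed record with no target
        name = fields[0].rstrip(".").lower()
        target = fields[idx + 1].rstrip(".").lower()
        records.append((name, target))
    return records


def resolves(hostname):
    """True if the hostname has an address answer (real network lookup)."""
    try:
        socket.getaddrinfo(hostname, None)
        return True
    except socket.gaierror:
        return False


def find_dangling(zone_text, resolver=resolves):
    """Flag CNAMEs on takeover-prone providers whose target does not resolve.

    `resolver` is injectable so the audit can run offline in tests.
    """
    findings = []
    for name, target in parse_zone(zone_text):
        if not target.endswith(TAKEOVER_PRONE_SUFFIXES):
            continue
        if resolver(target):
            continue
        findings.append(Finding(
            name, target,
            "CNAME target on takeover-prone provider does not resolve"))
    return findings


# Constructed zone export with placeholder names (not real DNS data).
SAMPLE_ZONE = """\
; example.test zone - constructed sample
www.example.test.      300 IN A     203.0.113.10
rider.example.test.    300 IN CNAME d111111abcdef8.cloudfront.net.  ; distribution deleted
static.example.test.   300 IN CNAME d222222abcdef8.cloudfront.net.  ; still live
old-app.example.test.  300 IN CNAME old-app-demo.herokuapp.com.
mail.example.test.     300 IN MX    10 mx.example.test.
"""

# Constructed answers standing in for real DNS: False means NXDOMAIN.
FAKE_ANSWERS = {
    "d222222abcdef8.cloudfront.net": True,
    "d111111abcdef8.cloudfront.net": False,  # unclaimed distribution
    "old-app-demo.herokuapp.com": False,
}


def fake_resolver(hostname):
    return FAKE_ANSWERS.get(hostname, False)


def audit_sample():
    """Run the audit over the constructed zone with the offline resolver."""
    return find_dangling(SAMPLE_ZONE, resolver=fake_resolver)


if __name__ == "__main__":
    for f in audit_sample():
        print(f"{f.name} -> {f.target}: {f.reason}")
```

Running it with the default `resolves` function performs live lookups against your own zone data; any hit means the record should be removed or re-pointed before the provider-side resource is deleted, which is the ordering mistake that leaves a sub-domain claimable in the window described above.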

If you want to read more about this bug, visit the following link: https://hackerone.com/reports/175070.