Uberflip Service

Question

Uberflip Service

AmanShahid opened this issue 4 years ago · comments

AmanShahid commented 4 years ago

Service name

Uberflip

Proof

https://hackerone.com/reports/863551

Documentation

If the subdomain shows error "Non-hub domain, The URL you've accessed does not provide a hub. Please check the URL and try again." and is pointing toward read.uberflip.com then it is vulnerable to takeover because according to uberflip "The only protection is the customer’s proper management of their subdomains.
For this reason, we do not recommend customers point wildcards to us, and that they follow DNS management best practices by periodically reviewing all their hostnames and subdomains."

Thanks,
Aman Shahid
https://twitter.com/amansmughal

sumgr0 · Answer 1 · Tue May 19 2020 20:57:58 GMT+0800 (China Standard Time)

Hi @AmanShahid

Thank you for sharing the report.
Going to uberflip.com for account setup, I could not see any way to signup for a service. Request you to kindly share the process/url to signup for the service to understand the process of hosting a POC for the takeovers.

Best,
sumgr0

Ethan · Answer 2 · Thu Feb 25 2021 19:12:58 GMT+0800 (China Standard Time)

Some websites might not be added to an Uberflip account, however it is not possible for takeover. Registering for an account is not possible, you have to book a demo with the sales team.

The Hackerone report that was linked above was an empty takeover, they didn't actually perform it. I find it highly unlikely that someone could register with their sales team pretending to be that company.

Should this be closed as not possible?