BOOK THIS SPACE FOR AD
ARTICLE ADAs-salamu alaykum everyone, It’s me Mohd Hasan Ansari aka Jerry1319 a you guys knows me well via mine handles ( Reality : Nobody cares 😒) .
Before testing this issue i tried to scan subdomain for subdomain takeover using subzy but didn’t found any hit because all CNAME are valid but it’s a different scenario here which was not even detected by any tools . So without wasting any time let’s start this up
I was testing over google for long time and the product of google is ASM product , let’s gave it a name Jerry.com ( everyone put redact.com let’s change it ) . I tried hard to find out how to login or get access to the ASM product as the access is only accessible for paid users only.
I opened the youtube channel of Jerry.com and started viewing all the videos available there . One of the video’s description has a subdomain link when i checked that out it was giving me a weird error, When i checked the CNAME then it was pointing to a service which was previously owned by Jerry.com but in 2021 they sold this product and name to another company due to which this error is occurring when i searched this issue over internet then i got to know that this scenario is known as Dangling CNAME/ Orphaned CNAME .
What is Dangling CNAME / Orphaned CNAME ?
If a service or product which was previously owned by Jerry.com and now sold-out to any other company but due to some issues developer and auditor forget to Change the CNAME to valid DNS and still it is pointing to Old Product then it’s a Dangling CNAME/ Orphaned CNAME issue.
As I explained things here similarly the Jerry.com is pointing to another product which is not owned by google and it is causing them Service disruption and potential exploitation of the subdomain via the sold-out company now who owned the product of google .
What will be the Impact here ??
It is affect the service disruption, potential subdomain abuse and takeover + Reputational damage to the company.
Conclusion
After confirming everything I wrote a well report explaining everything in it with the attack scenario and all and reported it to google and it was accepted by them .
Tip for reporting issue on google : If your report is not much technical/ business logic issue then add attack scenario explaining every issue in it while reporting to google increases your chances to get accepted As P2 .
That’s all for today hope that it will help you out in your hunting journey .
Signing out Mohd Hasan Ansari aka Jerry1319