Zomato: Subdomain Takeover

ID H1:113869
Type hackerone
Reporter kiraak-boy
Modified 2016-03-09T10:57:00



Your Subdomain engineering.zomato.com is Pointing to Tumblr.com

You should immediately remove the DNS-entry for engineering.zomato.com is Pointing to Tumblr.com.. Any One Can Claim That Domain , Please Read The Advisory Below.

Remediation Please make sure you're always going through your DNS-entries so no subdomains are pointing to external services you do not use.

We've written an advisory about this at Detectify: http://blog.detectify.com/post/100600514143/hostile-subdomain-takeover-using-heroku-github-desk

Where you can read more about this sort of attack.

I Have Done NSLookup For POC :-

nslookup engineering.zomato.com Server: Address:

Non-authoritative answer: engineering.zomato.com canonical name = domains.tumblr.com. Name: domains.tumblr.com Address: Name: domains.tumblr.com Address: