Trello: Subdomain Takeover & username enumeration

ID H1:172024
Type hackerone
Reporter mubassir92
Modified 2016-09-26T17:44:38


Bug #1

The IP of the domain is not pointing to; an attacker can sign up there and take over the subdomain by using this IP. Check the error message by visiting the domain's IP; it says:

This domain is successfully pointed at WP Engine, but is not configured for an account on our platform.

If you just signed up, we're still likely creating your account. Did you add this domain to your install? Did you point DNS to the correct IP address or CNAME?

If you've completed the steps above, or need more help, please contact us and we can help get your site up and running in no time.
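As an added example (not part of the report), a defender-side audit of the condition described in Bug #1: parse a zone file and flag records whose hostname serves the unclaimed-account message quoted above. The zone, hostnames and recorded responses are constructed, and fetch_body is injected so the check runs offline.

```python
from dataclasses import dataclass

# Fingerprint of the "pointed but unclaimed" state, taken from the message
# quoted in the report; the key is only a label for the finding.
UNCLAIMED_FINGERPRINTS = {
    "wpengine": "is not configured for an account on our platform",
}

@dataclass
class Record:
    name: str
    rtype: str
    target: str

def parse_zone(zone_text: str) -> list[Record]:
    """Parse a minimal BIND-style zone: 'name TTL IN TYPE target'."""
    records = []
    for line in zone_text.splitlines():
        line = line.split(";")[0].strip()  # drop comments and blank lines
        if not line:
            continue
        name, _ttl, _cls, rtype, target = line.split()
        records.append(Record(name.rstrip("."), rtype, target.rstrip(".")))
    return records

def find_dangling(records, fetch_body):
    """Return (name, type, target, provider) for A/CNAME records whose host
    answers with an unclaimed-service page. fetch_body(hostname) returns the
    HTTP body observed for that hostname (here: recorded, not fetched)."""
    findings = []
    for r in records:
        if r.rtype not in ("A", "CNAME"):
            continue
        body = fetch_body(r.name).lower()
        for provider, marker in UNCLAIMED_FINGERPRINTS.items():
            if marker in body:
                findings.append((r.name, r.rtype, r.target, provider))
    return findings

# Constructed sample zone and recorded responses (hypothetical hosts).
ZONE = """\
; constructed sample zone
blog.example.test.  300 IN CNAME blog.hosting.test.
old.example.test.   300 IN A     203.0.113.10
www.example.test.   300 IN A     203.0.113.20
"""
RESPONSES = {
    "blog.example.test": "<h1>Welcome to our blog</h1>",
    "old.example.test": "This domain is successfully pointed at WP Engine, "
                        "but is not configured for an account on our platform.",
    "www.example.test": "<html>corporate site</html>",
}

def audit_sample():
    return find_dangling(parse_zone(ZONE), lambda host: RESPONSES.get(host, ""))
```

A record that lands in the findings should be removed from the zone or the account re-claimed before anyone else can register the hostname with the provider.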

Bug #2

Username enumeration

PoC: is vulnerable to username enumeration; here are the usernames of wp-admin:

ID  User         Login
1   admin        admin
2   Dan Ostlund  dan

WordPress allows brute-forcing passwords, and on the net there are different tools to brute-force WordPress passwords, like WPScan.