Subdomain Takeover via Shopify Vendor ( ) with Steps - Mohamed Haron

Mohamed Haron

A personal blog about security and write-ups

Oct 1, 2018

Subdomain Takeover via Shopify Vendor ( ) with Steps

Program : Shopify

Domain :
In scope : yes, it belongs to Shopify =
Bounty : Not eligible for bounty!
I was using aquatone, but it only showed me the subdomain and didn't show me that it was vulnerable to subdomain takeover!
When I went directly to
I found it asking me to connect the domain to my Shopify store!
The Shopify team was fast to respond: they triaged the report and fixed it in 15 min from triage.

Takeover steps
1) Create a free trial account for a Shopify store.
2) Now that you have a free account, you just need to add your vulnerable subdomain from here
and click on ( Connect existing domain ).
3) Add your vulnerable subdomain and click on verify ( connect ).
It will be like this PoC
4) Wait a minute, and now when you enter your Shopify store URL
it will redirect to the vulnerable subdomain.
My disclosed report on HackerOne
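A defender-side check for the condition this post describes (a subdomain that still points at Shopify while no store has it connected), as an added example that is not part of the original post. It assumes Shopify custom domains are reached through a CNAME ending in myshopify.com; the zone export, the example.com names and the function names are constructed for illustration.

```python
# Assumption: custom domains reach Shopify through a CNAME whose target ends
# in myshopify.com (for example shops.myshopify.com).
SHOPIFY_SUFFIX = ".myshopify.com"

# Constructed sample data: a zone export and the domains connected in our own store admin.
SAMPLE_ZONE = """\
shop.example.com.       300 IN CNAME shops.myshopify.com.
old-promo.example.com.  300 IN CNAME shops.myshopify.com. ; campaign ended
store.example.com.      300 IN CNAME shop.example.com.
blog.example.com.       300 IN CNAME example.github.io.
www.example.com.        300 IN A     192.0.2.10
"""
SAMPLE_CONNECTED = ["Shop.Example.com"]

def norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_cnames(zone_text):
    """Return {owner: target} for every 'owner TTL IN CNAME target' line."""
    cnames = {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip zone-file comments
        if len(fields) == 5 and fields[2].upper() == "IN" and fields[3].upper() == "CNAME":
            cnames[norm(fields[0])] = norm(fields[4])
    return cnames

def final_target(name, cnames):
    """Follow CNAMEs defined in the zone; stop at loops or names outside it."""
    seen = set()
    while name in cnames and name not in seen:
        seen.add(name)
        name = cnames[name]
    return name

def dangling_shopify(zone_text, connected_domains):
    """Names that end up at Shopify but are not connected to a store we own."""
    cnames = parse_cnames(zone_text)
    connected = {norm(d) for d in connected_domains}
    return sorted(owner for owner in cnames
                  if final_target(owner, cnames).endswith(SHOPIFY_SUFFIX)
                  and owner not in connected)

if __name__ == "__main__":
    for host in dangling_shopify(SAMPLE_ZONE, SAMPLE_CONNECTED):
        print("dangling Shopify CNAME:", host)
```

Each name it reports should either have its DNS record removed or be connected to a store the organisation controls.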
