Subdomain Takeover via HubSpot - Mohamed Haron

Mohamed Haron

This Personal Blog about Security and Writes-Up

Feb 15, 2019

Subdomain Takeover via HubSpot

Last Year I was able to Subdomain takeover in A public Program via HubSpot Service and After that the Program closed my report as informative by a HackerOne Staff. 

Some Researchers says " You can't takeover subdomains via HubSpot any more " after the report of Frans Rosen it was  4 years ago and Seems that Hubspot fixed Their DNS services.

In This Blog I want only to say and Provide that 
HubSpot is still vulnerable to subdomain takeovers

In my Report I was able to ByPass the DNS Confirmation and made the subdomain connect direct to my new DNS 

Subdomain Takeover via HubSpot Finger Print 



No comments:

Post a Comment