can-i-take-over-xyz

Smartling Takeover

Open Regala opened this issue 5 years ago • 19 comments

Service name

Smartling is a translation service.

Proof

If the vulnerable domain has a CNAME pointing to e.g. *.smartling.com - open that domain and check for the string:

"Domain is not configured"

This means it should be possible to takeover.

Documentation

The problem here is that I can't actually be sure this works. A couple of subdomain takeover tools mention this service as well as this fingerprint, but I can't actually find any report or blog post describing this. Furthermore, to get access to Smartling it seems you actually have to go through a manual register / validation process (I might be wrong).

The best reference so far is actually the Smartling documentation here. Reading the article, it doesn't seem any kind of ownership verification is done, so, in theory, it should be possible to just register a domain and complete the takeover.

If anyone can dig a bit more into this, that would be awesome.

Regala avatar Nov 16 '18 09:11 Regala
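The check described in the issue (CNAME toward *.smartling.com, then look for "Domain is not configured" in the response body) is easy to script for an owned-subdomain inventory. The following is an added example written for this thread, not code from the can-i-take-over-xyz project; it assumes only the CNAME pattern and the fingerprint string quoted above, and the function names (classify_smartling, resolve_canonical, fetch_body, check_host) and sample hostnames are this example's own. It separates the pure decision logic from DNS/HTTP so the logic can be tested offline, and it reports the "name has its own A records, so the CNAME is never followed" case raised later in the thread as its own verdict.

```python
"""Dangling-CNAME check for the Smartling fingerprint quoted in this issue.

Added example, not code from the can-i-take-over-xyz project. It assumes only
what the issue states: a CNAME toward *.smartling.com and the body string
"Domain is not configured". Function names and sample hosts are constructed.
"""
import socket
import urllib.error
import urllib.request

FINGERPRINT = "Domain is not configured"
SMARTLING_SUFFIX = ".smartling.com"


def classify_smartling(hostname, canonical_name, body):
    """Pure decision logic, kept free of DNS/HTTP so it can be unit-tested.

    hostname       -- the name in your own inventory
    canonical_name -- where its CNAME chain ends (== hostname means no CNAME)
    body           -- the HTTP response body served at hostname
    Returns one of: 'no-cname', 'not-smartling', 'configured', 'fingerprint-match'.
    """
    canon = canonical_name.lower().rstrip(".")
    if canon == hostname.lower().rstrip("."):
        # The name answers with its own address records, so no CNAME is ever
        # followed (the situation described for cn.atlassian.com in the thread).
        return "no-cname"
    if not canon.endswith(SMARTLING_SUFFIX):
        return "not-smartling"
    if FINGERPRINT in body:
        # Only a candidate: as the thread concludes, Smartling onboarding is a
        # manual process, so a match alone does not prove the name is claimable.
        return "fingerprint-match"
    return "configured"


def resolve_canonical(hostname):
    """Follow the CNAME chain with the stdlib resolver.

    gethostbyname_ex returns (canonical_name, aliases, addresses). If the chain
    ends at an unresolvable target it raises, which we surface as None.
    """
    try:
        canonical, _aliases, _addrs = socket.gethostbyname_ex(hostname)
        return canonical
    except OSError:
        return None


def fetch_body(hostname, timeout=5.0):
    """GET http://hostname/ and return the body even on 4xx/5xx, because
    placeholder pages for unclaimed names are often served with an error
    status. Returns '' if no HTTP response was obtained at all."""
    url = f"http://{hostname}/"
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.read().decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        return err.read().decode("utf-8", "replace")
    except (urllib.error.URLError, OSError):
        return ""


def check_host(hostname):
    """Network wrapper: resolve, fetch, classify. Returns (canonical, verdict)."""
    canonical = resolve_canonical(hostname)
    if canonical is None:
        # NXDOMAIN at the end of the chain is a dangling-record signal on its
        # own, independent of any HTTP fingerprint.
        return None, "unresolvable"
    body = fetch_body(hostname)
    return canonical, classify_smartling(hostname, canonical, body)


if __name__ == "__main__":
    # Constructed sample inputs; no network needed to exercise the decision logic.
    samples = [
        ("docs.example.com", "acme.sl.smartling.com.", "<h1>Domain is not configured</h1>"),
        ("docs.example.com", "acme.sl.smartling.com.", "<h1>Welcome</h1>"),
        ("www.example.com", "www.example.com", "<h1>Welcome</h1>"),
        ("cdn.example.com", "edge.othercdn.example.", ""),
    ]
    for host, canon, body in samples:
        print(f"{host:18} -> {canon:26} {classify_smartling(host, canon, body)}")
```

Run `check_host("some.name.you.own")` against real inventory; a "fingerprint-match" verdict is the trigger to remove or re-point the stale CNAME, not evidence that anyone can claim it.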

No idea how to test this, so happy if you can do the ground work.

Here's an example domain: http://cn.atlassian.sl.smartling.com/

This comes from cn.atlassian.com - there's a CNAME pointing there. However, because there are A records, it never reaches the CNAME. I think. Who knows, this is unicorn stuff for me.

Regala avatar Nov 16 '18 14:11 Regala

is this still takeover-able

K4r1it0 avatar Feb 21 '19 22:02 K4r1it0

paid service :(

shubham4500 avatar Feb 09 '20 19:02 shubham4500

I was able to sign up, however I was unable to access the Smartling dashboard where we can perform the subdomain configurations. I am yet to explore more. If any of you guys know about this please throw some light. If it is a paid service, I am ok to purchase but this should work.

knc331 avatar Apr 20 '20 16:04 knc331

paid service :(

Any more information you have on this, Shubham?

knc331 avatar Apr 20 '20 16:04 knc331

@knc331 How did you signup?

swethasridevi avatar Jun 29 '20 00:06 swethasridevi

Any more information on this?

ankushgoel27 avatar Oct 27 '20 12:10 ankushgoel27

anything ??

jah-cyber avatar Dec 12 '20 12:12 jah-cyber

nah nothing!

ms-geeky avatar Dec 12 '20 18:12 ms-geeky

Any info?

edoardottt avatar Mar 22 '21 16:03 edoardottt

It seems that you can't create a new account.

pdelteil avatar Apr 04 '21 03:04 pdelteil

It seems that you can't create a new account.

I've tried many times to request a demo in order to create an account but no success in the last 6 months.

I think it should be declared 'Not Vulnerable'

pdelteil avatar May 07 '21 04:05 pdelteil

Completely manual process, should be Not Vulnerable. @knc331 I think all you did was sign in with Google. You won't be able to do anything with that account aside from logging out.

0xcrypto avatar May 12 '21 12:05 0xcrypto

its not vulnerable :(

vsanjay avatar Jun 27 '21 21:06 vsanjay

Without any proof nobody can say it is not vulnerable, as you don't know the mindset of black hat hackers; they can do anything, because security is a myth. If it was not vulnerable, this issue might already have been declared non-vulnerable like the others, but it was not, and it is declared as EDGE CASE.

Lemme rephrase, Completely manual verification process.

0xcrypto avatar Jul 14 '21 04:07 0xcrypto

I was able to sign up, however I was unable to access the Smartling dashboard where we can perform the subdomain configurations. I am yet to explore more. If any of you guys know about this please throw some light. If it is a paid service, I am ok to purchase but this should work.

How did you sign up?

TheJulfikarpoc avatar Aug 03 '21 02:08 TheJulfikarpoc

is this still a non-issue? still finding smartling domains with the "Domain is not configured" text

xmrstickers avatar Jul 04 '23 19:07 xmrstickers

I can't sign up in Smartling. How can I do it?

khaled4android avatar Aug 29 '23 14:08 khaled4android

It's the same issue discussed above. I think it's not vulnerable ;)

m-tabarik avatar Sep 14 '23 02:09 m-tabarik