AWS cloudfront subdomain takeover
567 views
Skip to first unread message
mrxlim...@gmail.com
Jun 21, 2018, 2:37:13 PM6/21/18
to null
Hi Everyone,
Is it still possible to takeover a subdomain pointing non-existent cloudfront? The sub-domain throws 403 error(The request could not be satisfied) on both http and https,but when I try claiming it,AWS gives me the error as
Has AWS fixed this issue,or am I wrong somewhere?
Thanks
Is it still possible to takeover a subdomain pointing non-existent cloudfront? The sub-domain throws 403 error(The request could not be satisfied) on both http and https,but when I try claiming it,AWS gives me the error as
com.amazonaws.services.cloudfront.model.CNAMEAlreadyExistsException: One or more aliases specified for the distribution includes an incorrectly configured DNS record that points to another CloudFront distribution. **You must update the DNS record to correct the problem. For more information, see https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-restrictions (Service: AmazonCloudFront; Status Code: 409; Error Code: CNAMEAlreadyExists; Request ID: 9db10fbb-653c-11e8-8f63-579f640cb5c3)
Has AWS fixed this issue,or am I wrong somewhere?
Thanks
Geek
Jun 30, 2018, 8:01:58 AM6/30/18
to null
If my understanding is correct, AWS has recently added a security checks to prevent such domain claim. I came across a subdomain that throws the below error message for both HTTP and HTTPS hit.
Reply all
Reply to author
Forward
0 new messages