DNS Misconfiguration

From Hackipedia
Jump to: navigation, search
Hackerone #7085
Target: IRCCloud
Target Module:
Type: Best Practice/XSS
Original: Link

IRCCloud had a local.irccloud.com mapped to in public DNS systems. This made it possible for users to launch same-site scripting attacks.

How To Perform

  1. Install the knock python script
    1. https://github.com/guelfoweb/knock
  2. Perform scan
  3. Check results for localhost/