Hi Folks,
I’m not going to talk a lot about this issue because it’s a little bit trivial but it affects Godaddy’s parked domains redirector/processor.
First, What is Godaddy?
For all of you who don’t know Godaddy
GoDaddy Inc. is an American publicly traded Internet domain registrar and web hosting company. As of May 2017, GoDaddy has served approximately 17 million customers and had over 6000 employees worldwide.The company is known for its advertising. It has been involved in several controversies related to censorship.
Getting directly down to the details:
Our early STaaS (Security Testing as a Service, Vulnerability and Risk Management Platform) Sonarify managed to find a cross site scripting vulnerability affecting mcc.godaddy.com which can be used in stealing cookies, phishing attacks and many more. (Read about the usages of XSS vulnerability)
This vulnerability could be reproduced by issuing a GET request to http://mcc.godaddy.com/park/[PARKED_DOMAIN]?72565%27%3balert(document.domain)%2f%2f146=1
For example: http://mcc.godaddy.com/park/rUMuqUO1ozRhpTW6?72565%27%3balert(document.domain)%2f%2f146=1
The PoC Video (shows the vulnerable redirect code along with our javascript injection):
Godaddy fixed the issue and rewarded Seekurity team with a generous bounty, Thanks Godaddy!
Hey!
Building a website? Or already built a one? Worried about your security? Think twice before going public and let us protect your business!
Previous Next