Skip to content
This repository has been archived by the owner on Jan 7, 2024. It is now read-only.

Add SSL services for zendesk #60

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Add SSL services for zendesk #60

wants to merge 1 commit into from

Conversation

Fisjkars
Copy link

Hello,

Thanks for this awesome project !!
I would like to add the ssl.zendesk.com to fingerprint.json.
It's cannot be an addition to zendesk because the behavior is not the same (nxdomain = true). Zendesk create this subdomain when the instance is mapped to a custom host mapping.

How to exploit :

  • Check if xxx is available on zendesk then create the instance.
  • Set Host mapping to 'malicious.com' and generate a certificate and add it to the zendesk instance (SSL conf.)
  • The domain will normally appeared.
  • The vulnerable domain will be link to your malicious instance (with a certificate error but nice).

https://support.zendesk.com/hc/en-us/community/posts/207580187-Host-Mapping-Issue

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant