This vote is to decide on a reward/bounty payout for a security issue found. The following is the full submitted report by the individual who found it. This has been confirmed and fixed.
Hey Security Team,
I am Anil Bhatt, a security researcher who often loves to report vulnerabilities and issues in websites and systems of different firms and industries to make them secure.
Vulnerability: Sub-domain Takeover. Severity: High [P2]. Reference: https://www.acunetix.com/vulnerabilities/web/hostile-subdomain-takeover/
Description: A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Typically, this happens when the subdomain has a canonical name (CNAME) in the Domain Name System (DNS), but no host is providing content for it. This can happen because either a virtual host hasn’t been published yet or a virtual host has been removed. An attacker can take over that subdomain by providing their own virtual host and then hosting their own content for it. If an attacker can do this, they can potentially read cookies set from the main domain, perform cross-site scripting, or circumvent content security policies, thereby enabling them to capture protected information (including logins) or send malicious content to unsuspecting users.
Vulnerable Domain: https://demo.sarcophagus.io/ ==> CNAME is pointing to GitHub
Steps:
As you can see, a subdomain takeover has been done with your sub-domain. POC: https://demo.sarcophagus.io/1
[+] Impact: Subdomain takeover is a high-severity vulnerability as per CVSS v3; attackers can exploit it easily and host anything that defames your company and directly impacts your assets' reputation. An attacker can easily manipulate users into being attracted to this fake portal and harvest their data, or it can be used to spread unusual content which can directly affect the reputation of the company. It can be dangerous, as an attacker can post malicious content or fool users because he is able to take over your sub-domain.
Possible impact: XSS, phishing, bypassing domain security, stealing sensitive user data (cookies, etc.), company defamation. This kind of impact can be done: cookie bombing leading to DoS, initiating malicious/fake transactions, loss of user funds, and spoofing other users by hosting the same UI domain with a malicious contract.
Suggested Mitigation/Remediation Actions:
Remove the Domain DNS entry
Recent public exploit: https://twitter.com/samwcyo/status/1522037756754550784?t=gC2hOeKB0a4gW6HM-grsZg&s=19
I was able to take over this domain; I can host whatever I want to. It's easy to exploit by hosting a similar UI with a fake contract or wallet, or by defaming the company (FUD), or by making some fake NFT project to scam your real users.
If you like my work, I would prefer to have a bounty, because it takes a lot of effort to find issues and report them before attackers misuse them.
Thanks & Regards 🙏
Name: Anil Bhatt
Email/PayPal: nighthack00@gmail.com
ETH address: 0x3FEdeEeA7Bf7b1Ff2E3f7514A17F72CF61E8f169
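The report above describes a dangling CNAME pointing at GitHub Pages. The following is an added defensive audit helper, not code from the reporter or the Sarcophagus project: it takes already-collected DNS and HTTP probe results (so it runs offline) and flags subdomains whose CNAME points at a hosting provider that is answering with its "nothing published here" page. The provider fingerprint string, the `Probe` structure and the sample records are assumptions constructed for illustration.

```python
"""Offline classifier for dangling CNAME records (added example, not project code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional

# CNAME target suffix -> text the provider serves when no site is claimed at that name.
# Assumption: this matches GitHub Pages' public 404 body; re-verify before relying on it.
PROVIDER_FINGERPRINTS: Dict[str, str] = {
    "github.io": "There isn't a GitHub Pages site here",
}


@dataclass
class Probe:
    host: str                   # the subdomain being audited
    cname: Optional[str]        # CNAME target, or None if the record does not exist
    http_status: Optional[int]  # HTTP status from probing the host, or None on failure
    body: str                   # response body (truncated is fine)


def classify(p: Probe) -> str:
    """Return 'no-cname', 'unknown-provider', 'dangling' or 'ok' for one probe."""
    if p.cname is None:
        return "no-cname"
    target = p.cname.rstrip(".")
    provider = next((s for s in PROVIDER_FINGERPRINTS if target.endswith(s)), None)
    if provider is None:
        return "unknown-provider"  # not covered by a fingerprint; needs manual review
    # A 404 carrying the provider's "unclaimed" text means the record is dangling.
    if p.http_status == 404 and PROVIDER_FINGERPRINTS[provider] in p.body:
        return "dangling"
    return "ok"


def dangling_hosts(probes: List[Probe]) -> List[str]:
    """Hosts whose CNAME should be removed (or whose site should be published)."""
    return [p.host for p in probes if classify(p) == "dangling"]


# Constructed sample probes; these are not real collected records.
SAMPLE: List[Probe] = [
    Probe("demo.example.com", "example.github.io.", 404,
          "<h1>404</h1><p>There isn't a GitHub Pages site here.</p>"),
    Probe("www.example.com", "example.github.io.", 200, "<html>welcome</html>"),
    Probe("api.example.com", None, 200, "{}"),
]

if __name__ == "__main__":
    for host in dangling_hosts(SAMPLE):
        print(f"dangling CNAME: {host} -> remove the DNS record or publish the site")
```

Collecting the real records (for example with a DNS library and an HTTP client) is left to the caller; this block only decides what to do with them.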