Security Workbook on Pentesting
Search…
Security Workbook on Pentesting
About us
References
Bug Bounty
Resources
Mindmaps
Tools Cheat Sheet
Burp Extensions For Bug Bounty & Pen-Testing
Tools Used For Android Testing
Bug Bounty & Pen-Test Templates
XSS Vulnerability
CSRF (Cross-site request forgery)
Unrestricted File Upload
Subdomain Takeover
Github Recon
Injection
IDOR (Insecure direct object references)
SSRF (Server-side request forgery)
Clickjacking
Open Redirect
Server-side request forgery (SSRF)
File Inclusion
Insecure Deserialization
Response manipulation
Directory Browsing
Race condition
Use of Default Credentials
CTF's
Powered By GitBook
Subdomain Takeover
Subdomain takeover is a process of registering a non-existing domain name to gain control over another domain.
Vulnerability Name: Subdomain takeover on [Domain name]
Vulnerability Description: Subdomain Takeover is a type of vulnerability which appears when an organization has configured a DNS CNAME entry for one of its subdomains pointing to an external service (ex. Heroku, Github, Bitbucket, Desk, Squarespace, Shopify, etc) but the service is no longer utilized by that organization. An attacker could register to the external service and claim the affected subdomain.
Here the xyz.xxxxxxx.com is pointing towards a third party service hosted on xxy.com,you can confirm it by passing the below command
nslookup xxx.xxxxxxxxxxxx.xxx 8.8.8.8
[or]
Going to ping.eu and do a dnslookup there.
Proof-of-concept: Snapshots or video link attached.
Impact:
  1. 1.
    Phishing.
  2. 2.
    Company impersonation.
  3. 3.
    Business loss to the company.
Attack Scenario: [Create your own attack scenario according to the workflow of website]
Remediation: Remove the CNAME or claim that sub-domain, from the service provider.
Previous
Unrestricted File Upload
Next
Github Recon
Last modified 2yr ago
Copy link