The easiest way to get subdomain takeover

1 year ago 77

In the name of Allah

First of all, what is subdomain takeover?

A subdomain takeover occurs when an attacker is able to claim ownership of a subdomain that is no longer in use or is not properly configured. This can happen when a subdomain is pointed to a third-party service (such as a content delivery network or a cloud service) that is no longer being used, or when a subdomain is not properly configured to point to a valid DNS record. Once the attacker has taken over the subdomain, they can use it to host malicious content or steal sensitive information.

This happens with the help of a CNAME, or Canonical Name, record. It is a type of DNS record that allows a domain or subdomain to point to another domain. This can be used to redirect traffic from one domain to another, or to point a subdomain to a different server.

In the context of subdomain takeover, an attacker can take over a subdomain by creating a CNAME record that points the subdomain to a domain that they control. Once the attacker has created the CNAME record, they can host malicious content or steal sensitive information from visitors to the subdomain.

vulnerable AWS subdomain

How do we know that the subdomain is vulnerable?

Use the can-i-take-over-xyz repository. There you will find the fingerprint that shows a service is vulnerable and the way to take it over.
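The same fingerprint idea works from the defender's side as an audit of your own zone. The sketch below is an added example, not code from the original post or from can-i-take-over-xyz: it flags a subdomain only when its CNAME points at a listed third-party service and the HTTP response carries that service's "unclaimed" text. The function names, the `example.com` records and the two-entry fingerprint table are assumptions made for illustration; take current fingerprints from the repository.

```python
# Sample fingerprint table in the style of can-i-take-over-xyz (assumption:
# check the repository for the current, authoritative entries).
FINGERPRINTS = {
    # service: (CNAME suffixes, text returned when the resource is unclaimed)
    "AWS/S3": ((".amazonaws.com",), "The specified bucket does not exist"),
    "GitHub Pages": ((".github.io",), "There isn't a GitHub Pages site here."),
}

def normalize(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()

def audit(cname_records, responses):
    """cname_records: {subdomain: cname_target} exported from your own zone.
    responses: {subdomain: (http_status, body)} collected by your own client.
    Returns findings where BOTH the CNAME suffix and the body text match."""
    findings = []
    for sub, target in sorted(cname_records.items()):
        target = normalize(target)
        status, body = responses.get(sub, (None, ""))
        for service, (suffixes, needle) in FINGERPRINTS.items():
            if target.endswith(suffixes) and needle.lower() in body.lower():
                findings.append({"subdomain": normalize(sub), "cname": target,
                                 "service": service, "http_status": status})
    return findings

# Constructed sample data (not real hosts or real responses).
CNAMES = {
    "assets.example.com": "example-assets.s3.amazonaws.com.",
    "docs.example.com": "Example-Org.github.io",
    "www.example.com": "lb.example.net",
}
RESPONSES = {
    "assets.example.com": (404, "<Error><Code>NoSuchBucket</Code><Message>"
                                "The specified bucket does not exist</Message></Error>"),
    "docs.example.com": (200, "<html>Project docs</html>"),
    # Fingerprint text alone is not enough: the CNAME is not an S3 host.
    "www.example.com": (404, "The specified bucket does not exist"),
}

if __name__ == "__main__":
    for finding in audit(CNAMES, RESPONSES):
        print("dangling CNAME, remove or re-claim:", finding)
```

A finding means the DNS record outlived the resource it pointed to; the fix is to delete the CNAME or re-create the resource under your own account.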

What is the Trickest platform?

A platform enabling bug bounty hunters, penetration testers, and SecOps teams to build and automate workflows from start to finish.

The platform gives a free demo for 10 days with $50 in your wallet.

Automating this process is very easy using the Trickest.io platform, so let’s see how.

Sign up on the Trickest platform:

1. Click on “get access”.

2. Type your first name and last name, choose the purpose “bug bounty hunting”, add your social media account link, and submit.

3. Check your email over the next 1 ~ 3 days.

Complete your sign-up.

4. From Trickest’s Library, search for “34”.

Click on it, then choose “copy workflow”.

Then create a new space and type a name for it.

Then click create.

Choose it, then click copy.

You will find it in your workflows. Open it, then click open workflow.

This workflow generates subdomains and checks which of them are alive.

From the library on the right, search for “takeover”.

Grab 1, 2, 3 to the end of this workflow

and make them like this

using “Library and Inputs”.

This workflow will do 3 things:

generate subdomains

check which of them are alive

check for subdomain takeover

All you have to do now is copy your domains into a Pastebin page and take its raw link, like this:

https://pastebin.com/raw/kveYxeDL

Click here and add your link

Now click the save button, then the start button.

Check your workflow after it finishes.

Click on the last tools to see your results.

and here we go

I found one.

Best regards,

Ahmed Hesham
