Subdomain takeovers are an easy attack if you manage to find a DNS misconfiguration. You can takeover someone's subdomain if it's pointing to a domain that's unregistered or to a web service (like netlify) that doesn't have the subdomain actually setup.
Other approaches include looking for websites which include .js JavaScript files from domains which are no longer registered. Quite a few WordPress plugin attacks use this approach.
I wrote a tool to help identify subdomain takeover opportunities and it's has nearly 60 signatures now. You can feed it domains from a service like project discovery, or have it fetch domains for you from aws or cloudflare etc.
[link] [comments]
from hacking: security in practice https://ift.tt/M5pBb8g
Comments
Post a Comment