Showing posts from August, 2021

Sub Domain Take Over - Simulate Environment

Over the past few days, I have done some studies on the topic of "subdomain takeover", and I found that most blogs do not have an end-to-end tutorial. In this blog I will not be explaining the theory, but I will show a simple case study of a subdomain takeover. I have created an environment and am ready to show how the subdomain takeover can be done.

Victim (subdomain.tehwinsam.xyz)

Let's assume that you have found a subdomain through your own unique enumeration technique. We can use a tool called "dig" to find the DNS information for subdomain.tehwinsam.xyz. The DNS information shows that subdomain.tehwinsam.xyz has a CNAME record pointing to applebois.asuscomm.com.

Since I bought tehwinsam.xyz from namecheap.com, the DNS configuration in the Namecheap dashboard should look like the image below.

Assuming that the domain for applebois.asuscomm.com is no longer valid/used by anyone and available to register this