Pantheon Subdomain Takeover
2 min readMay 3, 2020
First of all, we determine a target site and if we get the following error, we can work on it.To learn;
https://ppms-qa.princeton.edu/ i found a target
If we get such an error on our page, there is a possible deficit. I recommend reading my other write-ups.
- https://pantheon.io/ Create a new user on the official website.
- Yes, everything is ok now, we press the add new site button.
- Your can write whatever your want on behalf of the website, im a chose to write my own name.
- After typing our name, we press the continue button and choose 1 out of 3 options. I prefer wordpress because it’s easier.
- We are join to Domains / Https in the DEV menu.
- Write the cname, the subdomain takeover vulnerability we found there, that is, we write our domain address and register our domain name by activating the 14-day trial period.
- Let’s go to the site we created, install the wordpress and log in.