Subdomain Takeover
Let’s play the domain game
What is CNAME ?
Stands for Canonical name i.e a nickname for another domain.Suppose we have to use some features like vpn,ftp,mail but creating them on our own will be a tedious job.Instead, pointing our subdomain to external domain that provide us the required services will be an easy task for us.Thus, CNAME will make our job easier on this aspect.
What is subdomain takeover?
It is a security issue when an attacker become able to seize control on some subdomain of a company or an organization.It occurs when a domain pointing to another domain that no longer exists.Simply speaking it’s a process of registering a non-existing domain name to gain control over another domain.
How Sub Domain Takeover Works?
[1] xyz.com registers his domain a web hosting site
[2] xyz.com creates a subdomain with the name subdomain.xyz.com
[3]subdomain.xyz.com uses a CNAME record to another domain let the domain name be abc.com.
[4]At some point in time, abc.com expires and is available for registration by anyone.
[5]Since the CNAME record is not deleted from xyz.com DNS zone, anyone who registers abc.com has full control over subdomain.xyz.com until the DNS record is present.
[6] A malicious person claims abc.com and replicates xyz.com / do anything in that subdomain.
Wrap Up
Thank you for Reading This was a small introduction to Subdomain Takeover. If you feel this topic was interesting and want to learn more about this topic, don’t worry we got you covered you can go to this link . Please do appreciate our technical writer Amir Gurung if you like this article and follow Resethacker on Instagram to get this type of knowledge bytes daily . We also organize talk show every Sunday with Cybersecurity Experts on Instagram join us there on Sunday if you like to hear there experience. Keep following us on medium for more amazing articles.
Instagram : Resethacker
LinkedIn : Resethacker
