Exploring Subdomains: From Enumeration to Takeover Victory
If you enjoy what I do, please support me Buy Me Ko-fi! https://ko-fi.com/h0tak88r
In the name of ALLAH the most gracious the most merciful
So today i will talk about how i got my critical subdomain takeover on ford motors
Ford is a family company, one that spans the globe and has shared ideals. We value service to each other and the world as much as to our customers. Generations ...
Choose target
Subdomain enumeration
First i collected subdomains using subfalcon
Subdomain Takeover checking
So here i used my another go tool subov88r
The results was something like
the result that talk my attention was like
So i quickly started to look into this subdomain but the httpx
tool didn't recognize this subdomain as a valid domain
Then i decided to see this subdomain in the browser and as i expected\
Ok let's check can i take over xyz project
https://github.com/EdOverflow/can-i-take-over-xyz/issues/35 Oh no they say that it is not vulnerable
Still, I didn't give up. I decided to investigate on my own, and guess what? I found out that there was indeed an issue, and I successfully took control of it. It's always good to double-check! π‘οΈπ
Undeterred, I decided to manually investigate, and voila! Success β I managed to take over the CNAME <vulnerable>.trafficmanager.com
. Always good to verify! π‘οΈπ
Then reported the issue with HIGHT severity and the Team changed the severity to Critical and triaged my report Update: Issue Resolved !!
Last updated