4. Background
Do you know that it's possible that some of your
subdomains maybe taken over by somebody
else? This is due to the fact, that for some of your
DNS[Mainly CNAME] records.
People register subdomains & point it to 3rd party a
pps/websites.
A subdomain takeover is a vulnerability that results
from DNS misconfiguration.
7. Attack
1- Your company starts new service like blog
2- Your company points a subdomain to the blog-provider-
service.com, eg blog.your-company.com
3- Your company stops the project and forgets to remove the
subdomain redirection pointing to the blog-provider-
service.com.
4- Attacker signs up for the Service and claims the domain as
theirs.
5- Attacker now can post a defacement or put an HTML Form
and asks users to login (Perform phishing attack).