14SUBDOMAIN TAKEOVER

Image

A subdomain takeover vulnerability occurs when a malicious attacker is able to claim a subdomain from a legitimate site. Once the attacker controls the subdomain, they either serve their own content or intercept traffic.

Understanding Domain Names

To understand how a subdomain takeover vulnerability works, we’ll first need to look at how you register and use domain names. Domains are the URLs that access websites, and they’re mapped to IP addresses by Domain Name Servers (DNS). Domains are organized as a hierarchy, and each part is separated by a period. The final part of a domain—the rightmost part—is a top-level domain

Get Real-World Bug Hunting now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.