O'Reilly logo

Real-World Bug Hunting by Peter Yaworski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

14SUBDOMAIN TAKEOVER

Image

A subdomain takeover vulnerability occurs when a malicious attacker is able to claim a subdomain from a legitimate site. Once the attacker controls the subdomain, they either serve their own content or intercept traffic.

Understanding Domain Names

To understand how a subdomain takeover vulnerability works, we’ll first need to look at how you register and use domain names. Domains are the URLs that access websites, and they’re mapped to IP addresses by Domain Name Servers (DNS). Domains are organized as a hierarchy, and each part is separated by a period. The final part of a domain—the rightmost part—is a top-level domain

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required