MoinQ: DNS/lame_delegation/Subdomain_Takeover

• RecentChanges
• FindPage
• HelpContents
• Subdomain_Takeover

• Immutable Page
• Comments
• Info
• Attachments
• More Actions: Raw Text Print View Render as Docbook Delete Cache ------------------------ Check Spelling Like Pages Local Site Map ------------------------ Rename Page Delete Page ------------------------ Subscribe User ------------------------ Remove Spam Revert to this revision Package Pages Sync Pages ------------------------ CreateNewPage Load PageActions Save SlideShow Thumbnails

DNS takeover vulnerabilities occur when a subdomain (subdomain.example.com) or domain has 
its authoritative nameserver set to a provider (e.g. AWS Route 53, Akamai, Microsoft Azure, etc.) 
but the hosted zone has been removed or deleted. 

Consequently, when making a request for DNS records the server responds with a SERVFAIL error. 
This allows an attacker to create the missing hosted zone on the service that 
was being used and thus control all DNS records for that (sub)domain.¹

MoinQ: DNS/lame_delegation/Subdomain_Takeover (last edited 2024-06-15 23:31:22 by ToshinoriMaeno)

• Immutable Page
• Comments
• Info
• Attachments
• More Actions: Raw Text Print View Render as Docbook Delete Cache ------------------------ Check Spelling Like Pages Local Site Map ------------------------ Rename Page Delete Page ------------------------ Subscribe User ------------------------ Remove Spam Revert to this revision Package Pages Sync Pages ------------------------ CreateNewPage Load PageActions Save SlideShow Thumbnails

• MoinMoin Powered
• Python Powered
• GPL licensed
• Valid HTML 4.01