Takeover - SubDomain TakeOver Vulnerability Scanner - KitPloit - PenTest Tools for your Security Arsenal ☣
2018-06-18 08:22:42 Author: www.kitploit.com(查看原文) 阅读量:111 收藏

Sub-domain takeover vulnerability occur when a sub-domain (subdomain.example.com) is pointing to a service (e.g: GitHub, AWS/S3,..) that has been removed or deleted. This allows an attacker to set up a page on the service that was being used and point their page to that sub-domain. For example, if subdomain.example.com was pointing to a GitHub page and the user decided to delete their GitHub page, an attacker can now create a GitHub page, add a CNAME file containing subdomain.example.com, and claim subdomain.example.com. For more information: here

Installation:

# git clone https://github.com/m4ll0k/takeover.git
# cd takeover
# python takeover.py

or:

wget -q https://raw.githubusercontent.com/m4ll0k/takeover/master/takeover.py && python takeover.py

Takeover - SubDomain TakeOver Vulnerability Scanner Takeover - SubDomain TakeOver Vulnerability Scanner Reviewed by Lydecker Black on 6:43 PM Rating: 5


文章来源: https://www.kitploit.com/2018/06/takeover-subdomain-takeover.html
如有侵权请联系:admin#unsafe.sh