Affiliation:
1. School of Information Technology, Artificial Intelligence, and Cyber Security, Rashtriya Raksha University, Gandhinagar, Gujarat, India
Abstract
A subdomain is a domain that is a part of another domain. Subdomains are used to organize and navigate to various parts of your website. For example, your primary domain could be “xyz.com,” while your blog could be on a subdomain at “blog.xyz.com.” A subdomain takeover occurs when an attacker gains control over a subdomain of a target domain. Sub-domain takeover vulnerability occurs When a subdomain (subdomain.example.com) that refers to a service (eg GitHub, AWS / S3, ..) is deleted or deleted In this way, the attacker can create pages on the service in use and forward the pages to this subdomain.. If any person wants to take over, a subdomain then the person seeks to manually check one by one subdomain that takes too much time. Moreover, are there some tools available to check the subdomain takeover is possible or not? However, these tools take input as a text file, which has a particular subdomain. This means finding a subdomain with the other tools and then using one of these tools to identify subdomain takeover vulnerability. In my tools, we find the subdomain of a particular domain, then check the CNAME is available for a list of subdomains and if CNAME finds for a specific subdomain, then check the status code of the CNAME if it returns 404-status code. We might say that a particular subdomain is possible to takeover.
Reference7 articles.
1. https://www.ndtv.com
2. https://developer.mozilla.org/enUS/docs/Web/HT TP/Status
3. https://github.com/search?q=subdomain+takeover
4. https://themeisle.com/blog/what-are-subdomains
5. https://en.wikipedia.org/wiki/CNAME_record
Cited by
1 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Detecting Subdomain TakeOver Threats and Real-Time Alerting for Rapid Response;2023 26th International Conference on Computer and Information Technology (ICCIT);2023-12-13