Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
AppDefects
Community Champion
‎03-07-2020 09:03 PM
‎03-07-2020 09:03 PM

Subdomain takeover!

If you didn't know that taking over subdomains was a thing then check this research from vulnerability.com - they showed a PoC that more than 670 Microsoft subdomians were susceptible to take over. 

 

How can an attacker exploit this vulnerability?

 

  • Actually, attacker can exploit this vulnerability as “Stored XSS”.
  • Also attacker can clone the main website’s template and steal users credentials like passwords, credit card informations or phone numbers etc.
  • Attacker can bypass CSP, CORS and referrer-check based protections and exploit some vulnerabilities like XSS, CSRF, Clickjacking and steal users cookies or takeover user accounts.
  • Attacker can deface the websites which is embedding sources from vulnerable subdomains. Or run JavaScript commands remotely.
  • Attacker can manipulate the corporational and critical endpoints like payment APIs.
  • Attacker can force visitors to download malware.
  • Attacker can hack users devices remotely and spy them if this subdomain is using for autoupdates.
  • Attacker can make illegal requests by visitors browser.
Reply
0 Kudos
0 Replies