Hostile Subdomain Takeover by Ankit Prateek
Hostile Subdomain Takeover
HST in a minute
People register subdomains & point them at 3rd-party apps/websites
GitHub Pages, Heroku and Amazon S3 are some examples
Sometimes they migrate or stop using the service and forget to remove the DNS pointer
A record (usually a CNAME) still exists at the nameserver, pointing to a page nobody owns on that service any more
Create an account on that service and claim that page.
Done!
#OkThxBye
Interactive Session
Let's talk DNS & NameServers
DEMO
Defense
Check your DNS configuration for subdomains pointing to services no longer in use.
Keep your DNS entries constantly vetted and restricted: remove the record before you decommission the service it points to.
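The following audit script is an added example and is not part of the talk or its demo. It implements the defense slide above against the attack flow from "HST in a minute": walk a zone's CNAME records, pick out targets on hosted services that let anyone claim a name (the talk's GitHub Pages, Heroku and S3), and flag targets that either no longer resolve or answer with the provider's "unclaimed" page. The zone dump, the `fake_probe` resolver, the hostname patterns and the unclaimed-page fingerprints are all constructed for this example; swap in real DNS/HTTP lookups and re-verify the fingerprints before using it on production zones.

```python
"""Audit CNAME records for dangling third-party targets (added example)."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Hosted services that sit behind vanity CNAMEs and let any account claim a
# free name. The target-hostname regexes are an assumption for this example.
SERVICE_PATTERNS = {
    "github-pages": re.compile(r"\.github\.io\.?$", re.I),
    "heroku": re.compile(r"\.herokuapp\.com\.?$", re.I),
    "s3": re.compile(r"\.s3[.-][a-z0-9.-]*amazonaws\.com\.?$", re.I),
}

# Body text a provider shows for a name nobody has claimed. Most providers
# answer from a wildcard, so the name still resolves and only the page body
# tells you it is free. Assumed values; re-check each provider before relying
# on them.
UNCLAIMED_FINGERPRINTS = {
    "github-pages": "There isn't a GitHub Pages site here",
    "heroku": "No such app",
    "s3": "NoSuchBucket",
}


@dataclass(frozen=True)
class Finding:
    name: str      # our subdomain (the record owner name)
    target: str    # the CNAME target on the third-party service
    service: str   # which service the target belongs to
    reason: str    # "nxdomain" or "unclaimed-fingerprint"


def classify_target(target: str) -> str | None:
    """Return the service a CNAME target belongs to, or None if it is not
    one we know how to claim (in-house hosts, partner domains, etc.)."""
    for service, pattern in SERVICE_PATTERNS.items():
        if pattern.search(target):
            return service
    return None


def audit_zone(records, probe) -> list[Finding]:
    """records: iterable of (owner_name, cname_target).
    probe: callable(target) -> (status, body); status is an HTTP status
    string or "NXDOMAIN" when the target does not resolve at all."""
    findings = []
    for name, target in records:
        service = classify_target(target)
        if service is None:
            continue  # dangling or not, nobody can simply register it
        status, body = probe(target)
        if status == "NXDOMAIN":
            findings.append(Finding(name, target, service, "nxdomain"))
        elif UNCLAIMED_FINGERPRINTS[service] in body:
            findings.append(Finding(name, target, service, "unclaimed-fingerprint"))
    return findings


# Constructed zone dump for example.com (not a real zone).
ZONE = [
    ("www.example.com.", "example.com."),                      # in-house, ignored
    ("blog.example.com.", "acme-corp.github.io."),              # live Pages site
    ("docs.example.com.", "acme-docs.github.io."),              # target gone entirely
    ("old-app.example.com.", "acme-legacy.herokuapp.com."),     # Heroku app deleted
    ("assets.example.com.", "acme-assets.s3.amazonaws.com."),   # bucket deleted
    ("ghost.example.com.", "retired.example.net."),             # dangling but not claimable here
]

# Constructed stand-in for DNS + HTTP lookups; anything not listed is NXDOMAIN.
FAKE_INTERNET = {
    "acme-corp.github.io.": ("200", "<html>Welcome to the ACME blog</html>"),
    "acme-legacy.herokuapp.com.": ("404", "No such app"),
    "acme-assets.s3.amazonaws.com.": ("404", "<Code>NoSuchBucket</Code>"),
}


def fake_probe(target: str):
    return FAKE_INTERNET.get(target, ("NXDOMAIN", ""))


def run_example() -> list[Finding]:
    return audit_zone(ZONE, fake_probe)


if __name__ == "__main__":
    for f in run_example():
        print(f"{f.name} -> {f.target} [{f.service}] {f.reason}")
```

Two design points worth noting: the classifier runs before any network probe, so a target like `retired.example.net.` is ignored even though it no longer resolves, because a dangling CNAME is only a takeover if an attacker can register the target; and the fingerprint branch matters more than the NXDOMAIN branch in practice, since hosted services usually keep a wildcard DNS entry and only the error page reveals that the name is free.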
Thanks To
Prakhar Prasad (@prakharprasad)
Detectify https://labs.detectify.com/2014/10/21/hostile-subdomain-takeover-using-herokugithubdesk-more/