Prial Islam

Subdomain Takeover by Prial P0C

Subdomain takeover due to misconfigured project settings

Hi readers,
Today I will write about subdomain takeover. It’s a common security issue caused by a developer mistake: an unused/unclaimed third-party service DNS CNAME record is left in place for one of their subdomains, and hackers can claim those subdomains with the help of the external service they point to, which could lead to serious issues. You can learn more about subdomain takeover from the Detectify blog.

While testing, I got a domain that is under flock company. So I started looking at its subdomains and got the subdomain, and when I visited the subdomain in the browser I got an error like the one in the screenshot below.

Project doesn't exist error

This caught my attention, so I checked the DNS record for this domain.

$ dig
; <<>> DiG 9.10.6 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13182
; EDNS: version: 0, flags:; udp: 512
; IN A
;; ANSWER SECTION:
299 IN CNAME
299 IN CNAME
59 IN A
59 IN A
;; Query time: 69 msec
;; WHEN: Mon Jul 09 04:58:06 +06 2018
;; MSG SIZE rcvd: 175

From the above record, we can say the subdomain is pointing to CNAME. So I started looking at the custom domain documentation on the website to understand how they work. From their documentation, I understood that:

  • You need a subdomain pointing to your subdomain like
  • Your subdomain should be configured in domains settings on the following page: <project_Name>/v1.0/domains

So to take over I needed to check if is already claimed or not. Unfortunately, it was already claimed 🙁. But I have seen that many such services don’t force users to verify their ownership of domains by using the same CNAME txt record as their service subdomain. So there was still hope.

I opened an account in and I got a subdomain. Then I went to the domains settings, used as the value in the Custom Domain field, and saved the changes.

Now when I visited, it redirected me to this page, which now says Not Yet Active.

Subdomain Takeover by Prial P0C

This is shown because I am using a trial account. In the webpage title in the screenshot above, you will see the project name that I used while creating the project. So now this domain is serving my content from project page.

How to avoid such issues? Always keep your DNS records up to date. Remove CNAME or any other DNS records that are not in use.

If you find a security vulnerability, feel free to contact them via [email protected]
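For the cleanup advice above, one way a DNS owner could audit a zone export for CNAMEs left pointing at an external service. This is an added example, not code from the original post. The zone contents, the example.com and saas.example names, the bindings export and the injected `fetch_body` callable are constructed assumptions; only the "Project doesn't exist" marker comes from the post.

```python
"""Audit a zone export for CNAMEs left pointing at third-party services."""
import re

# Constructed sample zone export; all names are placeholders.
ZONE = """\
www      300 IN CNAME  web.example.com.
docs     300 IN CNAME  acme-docs.saas.example.
old-api  300 IN CNAME  acme-legacy.saas.example.
shop     300 IN A      192.0.2.10
"""

# Custom domains still configured on the provider side, e.g. exported from
# the provider's domain settings (constructed sample).
ACTIVE_BINDINGS = {"docs.example.com": "acme-docs.saas.example"}

# Error text meaning nothing is bound to the hostname. The string is the
# error shown in the post; extend the tuple per provider (assumption).
UNBOUND_MARKERS = ("project doesn't exist",)

# name TTL IN CNAME target; targets are assumed to be written as absolute names.
RECORD = re.compile(r"^(\S+)\s+\d+\s+IN\s+CNAME\s+(\S+?)\.?\s*$", re.I)

def external_cnames(zone_text, origin):
    """Yield (fqdn, target) for CNAMEs whose target is outside `origin`."""
    for line in zone_text.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            continue  # not a CNAME record
        name, target = m.group(1).lower(), m.group(2).lower()
        fqdn = name[:-1] if name.endswith(".") else f"{name}.{origin}"
        if target != origin and not target.endswith("." + origin):
            yield fqdn, target

def audit(zone_text, origin, bindings, fetch_body):
    """Return [(fqdn, target, reason)] for records to remove or fix."""
    findings = []
    for fqdn, target in external_cnames(zone_text, origin):
        if bindings.get(fqdn) != target:
            findings.append((fqdn, target, "no matching custom-domain binding"))
            continue
        body = fetch_body(fqdn).lower().replace("\u2019", "'")
        if any(marker in body for marker in UNBOUND_MARKERS):
            findings.append((fqdn, target, "provider serves unbound-project error"))
    return findings

if __name__ == "__main__":
    bodies = {"docs.example.com": "<title>Project doesn\u2019t exist</title>"}  # constructed
    for finding in audit(ZONE, "example.com", ACTIVE_BINDINGS, lambda h: bodies.get(h, "")):
        print(finding)
```

In real use, `fetch_body` would be an HTTP GET against your own hostnames, and every finding is a record to delete or re-bind.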

Thanks for reading.
