Subdomain takeover from scratch to advance

  • Last Updated : 16 Feb, 2021

Sub-domain Takeover : 

Sub-domain takeover is a common and popular vulnerability. If you are not familiar with it, think of it as a class of security issues in which an attacker aims to take control of an organization’s sub-domain via cloud services.

A sub-domain takeover vulnerability may lead to financial loss for the organization and damage users' trust in it, because the attacker can completely claim a sub-domain of the organization that people have faith in as a secure domain. In some dangerous cases, the attacker exploits the vulnerability to put forms on the vulnerable sub-domain and collect confidential information from users. This information may contain credit/debit card details, CVV, or any other personal and confidential information of a user.

Cause of sub-domain takeover Vulnerability :

Sub-domain takeover arises when a sub-domain points to another domain (CNAME) that does not currently exist. If an attacker registers that non-existing domain, the sub-domain then points to the domain registered by the attacker. A single change in DNS makes the attacker the owner of that particular sub-domain, after which the attacker can manage the sub-domain as they choose. This is the power of the “sub-domain takeover vulnerability”.

Impact :  

It gives the attacker an opportunity to use a sub-domain on behalf of the organization for any malicious purpose.

Example :

You can consider an example where let’s say the example is an organization and the domain is an and as you can clearly see in the diagram,, and are sub-domain. Let’s have a look to understand sub-domain takeover.

Sub-domain Takeover

Diagram sub-domain takeover explanation –

If is the main domain (high-level domain) of organization and developers of create a sub-domain but there is no host which providing content for it then an attacker can provide a host for this sub-domain (ex. and take the ownership of sub-domain and this leads to sub-domain takeover vulnerability.

Mitigation :

  1. Monitor the digital infrastructure of your website on a regular basis.
  2. Delete the DNS configuration of the external service on your sub-domain if it points to a non-existing service or host.
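
One way to automate both mitigation steps for your own zone, as an added example that is not part of the original article: it parses the CNAME records out of a zone file and reports every sub-domain whose target no longer resolves. The zone contents, host names and function names are constructed placeholders, and it assumes each record line names its owner.

```python
import socket

# Constructed sample zone (BIND-style). All names are placeholders, not from the article.
SAMPLE_ZONE = """\
$ORIGIN example.test.
www   300 IN A     192.0.2.10
shop  300 IN CNAME shop-frontend.hosting-provider.test.
blog  300 IN CNAME old-blog.hosting-provider.test.  ; service was deleted
docs  300 IN CNAME www
"""

def qualify(name, origin):
    """Turn a zone-file name into a lower-case fully qualified name."""
    if name == "@":
        return origin
    if name.endswith("."):
        return name.rstrip(".").lower()
    return f"{name}.{origin}".lower() if origin else name.lower()

def parse_cnames(zone_text):
    """Return {sub-domain: CNAME target} for the CNAME records in zone_text."""
    origin, cnames = "", {}
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # strip comments, then tokenize
        if len(fields) >= 2 and fields[0].upper() == "$ORIGIN":
            origin = fields[1].rstrip(".").lower()
            continue
        # In "owner [ttl] [class] CNAME target" the type is the second-to-last field.
        if len(fields) >= 3 and fields[-2].upper() == "CNAME":
            cnames[qualify(fields[0], origin)] = qualify(fields[-1], origin)
    return cnames

def system_resolves(hostname):
    """True if the local resolver returns at least one address for hostname."""
    try:
        return bool(socket.getaddrinfo(hostname, None))
    except socket.gaierror:
        return False

def find_dangling(zone_text, resolves=system_resolves):
    """List (sub-domain, target) pairs whose CNAME target does not resolve."""
    cnames = parse_cnames(zone_text)
    return sorted((name, target) for name, target in cnames.items() if not resolves(target))

if __name__ == "__main__":
    for name, target in find_dangling(SAMPLE_ZONE):
        print(f"DANGLING: {name} -> {target} (remove the record or restore the service)")
```

Run it on a schedule against an export of your real zone. It only covers the case described above, where the CNAME target does not exist in DNS.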
