When a subdomain has a canonical name (CNAME) in Domain Name System (DNS), with no host providing content for it, attackers can control over the subdomain. This situation can occur if virtual host hasn’t been published yet or a virtual host has been removed. An attacker can take over that subdomain by providing their own virtual host and then hosting their own content for it. Then they can potentially read cookies set from the main domain, perform cross-site scripting, or circumvent content security policies, thereby enabling them to capture protected information (including logins) or send malicious content to unsuspecting users.

We are very pleased to share that Ujjwal Gautam has identified "Sub domain takeover" vulnerability in the asset of United Nation. Currently intern at One Cover Pvt. Ltd. Ujjwal Gautam is a self-motivated, confident, and highly energetic individual with a passion for information technology and cybersecurity. He is a team player with a positive attitude and high dedication. He is currently pursuing a BSc(Hons) Computing degree from Islington College (affiliated to London Metropolitan University).

If you want to learn more about Subdomain takeovers, Click Here