Subdomain Hijacking
- Categories:
- notes
My dormant subdomain was recently hijacked, redirecting it to a online gamble registration page. Subdomain hijacking or subdomain takeover refers to redirecting unused subdomains to the attacker’s chosen location.
So when opening my subdomain, for example blog.example.com, it shows content from the attacker, which is online gambling registration.
To address this, I must update my DNS settings. The original setting had my subdomain pointing to a broken Github Pages, so I needed to point it to a valid target.
Before:
CNAME: blog.example.com
Target: <github pages url>After:
CNAME: blog.example.com
Target: <other valid URL>DNS Mapping Tool
To prevent subdomain hijacking, in addition to checking the DNS from your registrar, you can use a tool called DNS Dumpster. DNS Dumpster is a free domain research tool that can discover hosts related to a domain. Finding visible hosts from the attacker’s perspective is an important part of the security assessment process.
Remember to monitor your subdomain targets or delete unused ones.
Recent Posts
Tutorial - "su username vs su - username" - A Security Perspective
The main difference between `su username` and `su - username` lies in the environment variables that are loaded when switching to the specified user.
Subdomain Hijacking
My dormant subdomain was recently hijacked, redirecting it to a online gamble registration page.
C# DbContext ServiceLifeTime
my note about C Sharp ServiceLifeTime
PostgreSQL Index Usage Monitoring
Having too many unused or underused indexes on a table can slow down write and update operations in your PostgreSQL database, making it crucial to regularly identify and manage them for optimal performance.
KAK Labs Newsletter #6 - Staying Safe From Pegasus Spyware
Newsletter #6 - Pegasus, Ruby, PostgreSQL and networkQuality tool