Successfully reported this slideshow.
Your SlideShare is downloading. ×

DNS hijacking at cloud

Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Ad
Upcoming SlideShare
Wcmtl andrear-domain-mapping
Wcmtl andrear-domain-mapping
Loading in …3
×

Check these out next

1 of 13 Ad
Advertisement

More Related Content

Similar to DNS hijacking at cloud (20)

More from Bangladesh Network Operators Group (20)

Advertisement

Recently uploaded (20)

DNS hijacking at cloud

  1. 1. DNS HIJACKING AT CLOUD Your forgotten subdomain going to hurt you.
  2. 2. Co-Founder @ BEETLES (beetles.io) Twitter: @shaheemirza Web: shaheemirza.com Shahee Mirza
  3. 3. Menu  Background  History  Attack  Tools  Defense
  4. 4. Background Do you know that it's possible that some of your subdomains maybe taken over by somebody else? This is due to the fact, that for some of your DNS[Mainly CNAME] records. People register subdomains & point it to 3rd party a pps/websites. A subdomain takeover is a vulnerability that results from DNS misconfiguration.
  5. 5. History
  6. 6. :D
  7. 7. Attack 1- Your company starts new service like blog 2- Your company points a subdomain to the blog-provider- service.com, eg blog.your-company.com 3- Your company stops the project and forgets to remove the subdomain redirection pointing to the blog-provider- service.com. 4- Attacker signs up for the Service and claims the domain as theirs. 5- Attacker now can post a defacement or put an HTML Form and asks users to login (Perform phishing attack).
  8. 8. Demo Video
  9. 9. Now You know it all, Then forget Me
  10. 10. Wait!! I have more to share….. The tools list
  11. 11. Tools  Subbrute  Nmap  Recon-Ng  DNSRecon  HostileSubBruteforc er  Gobuster  DNSenum  AltDNS  Sublist3r  Knock
  12. 12. Defense  Check your DNS configuration for subdomains pointing to services not in use.  Keep your DNS entries constantly vetted and restricted.
  13. 13. THANKS! Twitter: @shaheemirza

×