View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0007301 | Kali Linux | [All Projects] Queued Tool Addition | public | 2021-08-31 10:03 | 2021-08-31 10:05 |
Reporter | g0tmi1k | Assigned To | |||
Priority | normal | Severity | minor | Reproducibility | have not tried |
Status | acknowledged | Resolution | open | ||
Product Version | |||||
Target Version | Fixed in Version | ||||
Summary | 0007301: DNSTake - A fast tool to check missing hosted DNS zones that can lead to subdomain takeover | ||||
Description | [Name] - DNSTake [Version] - v0.01 [Homepage] - https://github.com/pwnesia/dnstake [Download] - https://github.com/pwnesia/dnstake/tags [Author] - Pwnesia [License] - MIT [Description] - A fast tool to check missing hosted DNS zones that can lead to subdomain takeover DNS takeover vulnerabilities occur when a subdomain (subdomain.example.com) or domain has its authoritative nameserver set to a provider (e.g. AWS Route 53, Akamai, Microsoft Azure, etc.) but the hosted zone has been removed or deleted. Consequently, when making a request for DNS records the server responds with a SERVFAIL error. This allows an attacker to create the missing hosted zone on the service that was being used and thus control all DNS records for that (sub)domain.ยน [Dependencies] - go | ||||