Subdomain Takeover via GitHub steps [ Point to IP Address ]


Subdomain Takeover via GitHub 
[ IP Address ]

in many cases we see github takeover only done from
 example.github.io 

In this video I will show you 
that you can also Takeover a Subdomain
 if it show you GitHub finger Print error 
and DNS point to github IP Address

185.199.108.153

Note : Steps are the same of normal Takeover





Impact : This Takeover can be used for several purposes: Malware Phishing / Spear phishing XSS Authentication bypass .. etc.

Suggested fix : Clear your Subdomain DNS






Reactions

Post a Comment

0 Comments