TakeOver
TakeOver - TryHackMe
Overview
The Takeover machine simulates a real-world scenario where a company is at risk of subdomain takeover. The challenge focuses on discovering vulnerable subdomains through enumeration and certificate inspection to prevent potential ransom threats.
Key Objectives
Add the target domain to the
/etc/hosts
file.Perform a service and port scan.
Enumerate subdomains manually and through SSL certificate inspection.
Identify and exploit a subdomain takeover to retrieve the flag.
Skills Demonstrated
Subdomain enumeration
SSL certificate analysis
Web application reconnaissance
Information gathering techniques
Relevance
Understanding how subdomain takeover vulnerabilities occur is crucial in web application penetration testing. This challenge demonstrates the importance of securing DNS configurations and cleaning up deprecated subdomains.
Last updated