TakeOver

TakeOver - TryHackMe

Overview

The Takeover machine simulates a real-world scenario where a company is at risk of subdomain takeover. The challenge focuses on discovering vulnerable subdomains through enumeration and certificate inspection to prevent potential ransom threats.

Key Objectives

Add the target domain to the /etc/hosts file.
Perform a service and port scan.
Enumerate subdomains manually and through SSL certificate inspection.
Identify and exploit a subdomain takeover to retrieve the flag.

Skills Demonstrated

Subdomain enumeration
SSL certificate analysis
Web application reconnaissance
Information gathering techniques

Relevance

Understanding how subdomain takeover vulnerabilities occur is crucial in web application penetration testing. This challenge demonstrates the importance of securing DNS configurations and cleaning up deprecated subdomains.

PreviousExecutive Report NextWrite-up

Last updated 4 months ago