TakeOver

TakeOver - TryHackMe

Overview

The TakeOver machine simulates a real-world scenario in which a company is at risk of subdomain takeover. The challenge focuses on discovering vulnerable subdomains through enumeration and certificate inspection in order to prevent potential ransom threats.


Key Objectives

  1. Add the target domain to the /etc/hosts file.

  2. Perform a service and port scan.

  3. Enumerate subdomains manually and through SSL certificate inspection.

  4. Identify and exploit a subdomain takeover to retrieve the flag.


Skills Demonstrated

  • Subdomain enumeration

  • SSL certificate analysis

  • Web application reconnaissance

  • Information gathering techniques


Relevance

Understanding how subdomain takeover vulnerabilities occur is crucial in web application penetration testing. This challenge demonstrates the importance of securing DNS configurations and cleaning up deprecated subdomains.
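
The cleanup side of this, as an added example that is not part of the original write-up: a defender can compare the names listed in a certificate's subjectAltName field against the DNS inventory to find forgotten or dangling subdomains. The domain names, the inventory layout and the finding labels are constructed assumptions; the certificate dict follows the shape returned by Python's ssl.SSLSocket.getpeercert().

```python
"""Audit certificate SAN entries against a DNS inventory (all data constructed)."""

# Same shape as ssl.SSLSocket.getpeercert(): subjectAltName is (type, value) pairs.
SAMPLE_CERT = {
    "subject": ((("commonName", "corp.example"),),),
    "subjectAltName": (
        ("DNS", "corp.example"),
        ("DNS", "www.corp.example"),
        ("DNS", "Legacy-Portal.corp.example"),
        ("DNS", "*.dev.corp.example"),
        ("IP Address", "192.0.2.10"),
    ),
}

# Hypothetical inventory: hostname -> where the record points and whether that
# target is still provisioned (assumed to come from an asset database).
SAMPLE_INVENTORY = {
    "corp.example": {"target": "192.0.2.10", "provisioned": True},
    "www.corp.example": {"target": "192.0.2.10", "provisioned": True},
    "shop.corp.example": {"target": "shop-site.hosting.example", "provisioned": False},
}


def san_dns_names(cert):
    """Return the sorted, lower-cased DNS names from a getpeercert()-style dict."""
    return sorted({value.lower().rstrip(".")
                   for kind, value in cert.get("subjectAltName", ())
                   if kind == "DNS"})


def audit(cert, inventory):
    """Return (hostname, finding) pairs that need cleanup or review."""
    findings = []
    for name in san_dns_names(cert):
        if name.startswith("*."):
            # A wildcard covers hosts the certificate never lists by name.
            findings.append((name, "wildcard-san"))
        elif name not in inventory:
            # Still advertised in the certificate but unknown to the inventory.
            findings.append((name, "in-cert-not-in-inventory"))
    for host, record in sorted(inventory.items()):
        if not record["provisioned"]:
            # Record points at a target that no longer exists.
            findings.append((host, "dangling-record"))
    return findings


if __name__ == "__main__":
    for host, finding in audit(SAMPLE_CERT, SAMPLE_INVENTORY):
        print(f"{finding:26} {host}")
```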
