If a subdomain is vulnerable to controlling by another persons excluding system authorities, its called as subdomain takeover. It may happen because of expired hosting services or DNS misconfigurations. Attacker will has full-privilege on the system after tookover the subdomain. Attacker can upload his own files, create his own databases, track data traffic and create a clone of main website. So, it is not possible to detect that the subdomain is hijacked by an attacker and it threaten the security with various attack scenarios. Our team VULLNERAB1337 beat the records and discovered 670+ subdomains of Microsoft is vulnerable to takeover. Let us show you how we found them and what can an attacker do by this vulnerability.
We have claimed some of those subdomains to protect from attackers and show you example attack scenarios.
We have claimed some of those subdomains to protect from attackers and show you example attack scenarios.
- identityhelp.microsoft.com
- mybrowser.microsoft.com
- web.visualstudio.com / webeditor.visualstudio.com
- data.teams.microsoft.com
- sxt.cdn.skype.com
- download.collaborate.microsoft.com
- incidentgraph.microsoft.com
- admin.recognition.microsoft.com
- api.getdevices.microsoft.com
- dev.social.microsoft.com
- manage.codesign.microsoft.com
- WDATPUnifiedUX-neu-prd.securitycenter.windows.com