Feb. 8, 2024, 10:27 a.m. | Scott Lindh

InfoSec Write-ups - Medium infosecwriteups.com

Write up about how I successfully took over the subdomain of an Tumblr blog.

A Subdomain takeover is a cybersecurity vulnerability where attackers exploit abandoned or misconfigured subdomains, gaining unauthorized control. This can lead to malicious activities such as phishing, malware distribution, and defacement.Tumblr suggesting a 404 error, could mean the sub domain points to a blog that can be taken over

These are the steps I took to successfully take over this subdomain and link it to my own …

bug bounty hacker subdomains enumeration subdomain takeover white hat hacker

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

Senior Director, Artificial Intelligence & Machine Learning and Data Management

@ General Dynamics Information Technology | USA VA Falls Church - 3150 Fairview Park Dr (VAS095)

Test Engineer - Remote

@ General Dynamics Information Technology | USA VA Home Office (VAHOME)

Senior Principal Oracle Database Administrator

@ Everfox | Home Office - USA - Maryland

Director, Early Career and University Relations

@ Proofpoint | Texas

Enterprise Account Manager

@ Proofpoint | Geneva, Switzerland - Remote