For the people who say we are on the cloud and it is implicitly secure :P

AWS NS Takeover

From 101 to Detection and Exploitation!


Prerequisite

Before we go ahead and get our hands dirty, you need a fair understanding of the following concepts:

  1. Fundamentals of AWS (especially the Route53 service)

The Misconfiguration


Remediation

The vulnerability has a very simple fix: remove the dangling nameserver entries corresponding to your domain.
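To find the entries to remove, you can audit your own zones. The following is an added example, not code from the original post; it assumes a "dangling" entry is an NS record that still points at Route 53 nameservers which do not serve a hosted zone of that name in your account. The function names and sample data are constructed, and the inputs mirror the shapes returned by boto3's `list_resource_record_sets()` and `get_hosted_zone()` so the check runs offline.

```python
import re

# Route 53 nameserver hostnames have the form ns-<n>.awsdns-<n>.<tld>
AWSDNS = re.compile(r"^ns-\d+\.awsdns-\d+\.(com|net|org|co\.uk)$")

def norm(name):
    """Lower-case a DNS name and drop its trailing dot."""
    return name.rstrip(".").lower()

def find_dangling_delegations(record_sets, owned_zones):
    """Flag NS record sets whose Route 53 targets serve no zone we own.

    record_sets: shaped like boto3 list_resource_record_sets() output.
    owned_zones: {zone name: nameservers}, as found in
                 get_hosted_zone()["DelegationSet"]["NameServers"].
    """
    owned = {norm(z): {norm(n) for n in ns} for z, ns in owned_zones.items()}
    findings = []
    for rs in record_sets:
        if rs["Type"] != "NS":
            continue
        name = norm(rs["Name"])
        targets = {norm(r["Value"]) for r in rs.get("ResourceRecords", [])}
        stale = {t for t in targets if AWSDNS.match(t)} - owned.get(name, set())
        if stale:
            findings.append({"name": name, "zone_exists": name in owned,
                             "stale_nameservers": sorted(stale)})
    return findings

def ns(name, *values):
    """Build a constructed NS record set for the sample data."""
    return {"Name": name, "Type": "NS",
            "ResourceRecords": [{"Value": v} for v in values]}

# Constructed sample data (not taken from the post).
SAMPLE_ZONES = {
    "example.com.": ["ns-10.awsdns-01.com.", "ns-600.awsdns-11.net."],
    "api.example.com.": ["ns-20.awsdns-02.com.", "ns-1200.awsdns-22.org."],
}
SAMPLE_RECORDS = [
    ns("example.com.", "ns-10.awsdns-01.com.", "ns-600.awsdns-11.net."),
    ns("api.example.com.", "ns-20.awsdns-02.com.", "ns-1200.awsdns-22.org."),
    # Delegation left behind after the dev hosted zone was deleted.
    ns("dev.example.com.", "ns-30.awsdns-03.com.", "ns-1800.awsdns-33.co.uk."),
    {"Name": "www.example.com.", "Type": "A",
     "ResourceRecords": [{"Value": "192.0.2.10"}]},
]

if __name__ == "__main__":
    for f in find_dangling_delegations(SAMPLE_RECORDS, SAMPLE_ZONES):
        print(f)
```

Each finding names an NS record set to delete or to repoint at the delegation set of a zone you actually own.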

Security Engineer | Security Consultant | Infosec Trainer | Author | Lecturer | Open Source Contributor | Learner https://www.linkedin.com/in/shivsahni/
