DNS takeover vulnerabilities occur when a subdomain (subdomain.example.com) or the page itself has designated a provider as a valid nameserver (eg AWS Route 53, Akamai, Microsoft Azure, etc.). ) but the hosted zone has been removed or deleted completely.
Consequently, on making a request for DNS records, the server responds with error SERVFAIL. This allows a hacker to create a hosted zone that is missing from the service used and thus control all DNS records for that (sub)domain.
Installation
1) The simplest method is to unzip the file to download from here and then run it.
2) There is also the manual method that we install from the source:
▶ go install github.com/pwnesia/dnstake/cmd/dnstake@latest
ή
▶ git clone https://github.com/pwnesia/dnstake ▶ cd dnstake / cmd / dnstake ▶ go build. ▶ (sudo) mv dnstake / usr / local / bin
Use
Set the concurrency level (default: 25) -s, --silent Suppress errors and/or clean output -h, --help Display its help Examples: dnstake -t (sub.)domain.tld dnstake -t hosts.txt cat hosts.txt | dnstake subfinder -silent -d domain.tld | dnstake
You can download the program from here.
