DNS takeover vulnerabilities occur when a subdomain (subdomain.example.com) or the page itself has designated a provider as a valid nameserver (eg AWS Route 53, Akamai, Microsoft Azure, etc.). ) but the hosted zone has been removed or deleted completely.
Consequently, when requesting DNS records, the server responds with a SERVFAIL error. This allows a hacker to create a hosted zone that is missing from the service that was used and thus check all DNS records for that (sub)domain.
Installation
1) The simplest method is to unzip the file to download from here and then run it.
2) There is also the manual method that we install from the source:
▶ Go install github.com/pwnesia/dnstake/cmd/dnstake@latest
ή
▶ git clone https://github.com/pwnesia/dnstake ▶ cd dnstake / cmd / dnstake ▶ go build. ▶ (sudo) mv dnstake / usr / local / bin
Use
Set the concurrency level (default: 25) -s, --silent Suppress errors and/or clean output -h, --help Display its help Examples: dnstake -t (sub.)domain.tld dnstake -t hosts.txt cat hosts.txt | dnstake subfinder -silent -d domain.tld | dnstake
You can download it program from here.
