Posts

Subdomain takeover at bmw.de

Reporting another subdomain takeover vulnerability

When I was first scanning for abandoned CNAME entries and found subdomains of welt.de which could have easily been taken over, I also found a vulnerable subdomain at bmw.de. The backstory is the same as in that other post so I won’t repeat it here.

Subdomain takeover at welt.de

Finding and reporting a subdomain takeover vulnerability

Being inspired by Patrik Hudak accomplishing a subdomain takeover at starbucks.com I decided to scan for some abandoned DNS records. From a different project I still had a script ready to search for a target domains subdomains on crt.sh and extended that to find subdomains with non-resolvable CNAME records.

Windows Server 2019 Proxmox Template

Creating and deploying a Windows Server 2019 template on Proxmox

This post is about creating a template for Windows Server 2019 on Proxmox, selecting some default settings and deploying a first VM from that template.

Acme-dns on CentOS 7

Setting up acme-dns on CentOS 7 and configuring a client

In this post an acme-dns server will be set up and a client will acquire a Let’s Encrypt certificate using the DNS-01 challenge.

OpenConnect VPN Server on CentOS 7

Setting up OCServ on CentOS 7 as pseudo bridge using proxy ARP

This post explains how to set up an OpenConnect VPN server (OCServ) as a pseudo bridge, which makes VPN clients appear like local ones to the network.


Page 1 of 2