Skip to content

Python utility to takeover domains vulnerable to AWS NS Takeover

Notifications You must be signed in to change notification settings

shivsahni/NSBrute

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

38 Commits
 
 
 
 
 
 

Repository files navigation

NSBrute

NSBrute is a command line utility built using Python that allows you to gain access to the vulnerable domain by exploiting NS Takeover vulnerability. If you want to know about NS Takeover feel free to refer this.

Prerequisites

  • Programmatic access to AWS account
  • Support for Python 2.7

Executing

Clone the repo

git clone https://github.com/shivsahni/NSBrute.git

Install the dependencies

pip install -r requirements.txt

Once the script is cloned, and the requirements have been successfully installed, run the script using your AWS Access Key and Secret Key as shown below:

python NSBrute.py -d domain -a accessKey -s secretKey 

If you want to force delete the failed zones you made during testing, you can ran a command similar to this (provide a -f at the end):

python NSBrute.py -d domain -a accessKey -s secretKey -f

The script would be indefinitely creating the zones for the vulnerable domains in your AWS account until it finds a zone with a common nameserver.

Once the script creates a zone with a common nameserver you can log in to your AWS account to create the resource records for the domain to have the complete control over the domain.

If you want to terminate the script while it is still running, control + c will cause it to stop running and you will be prompted to provide y to force delete any stale hosted zones or literally any other character sequence to just quit immediately.