Recently i was working on a open source project name Subdover (Subdomain Takeover) written in python 3 which have 55+ fingerprints till now (collected from subjack, subzy, aquatone, subover).
This tool is capable to confirm the vulnerable target using its CNAME dns record.
Tool is underdevelopment and when i was testing it against one Bugcrowd target,
It gave me lots of false positive, but one target seems to be interesting.
When i visit that target domain, it show me “404 not found” in response
and when I enumerated its CNAME, it is pointing to alias like this subdomain.xyzcompany.com.edgekey.net.
This is the screenshot of the response in browser, if i request that particular CNAME value/url (subdomain.xyzcompany.com.edgekey.net)
Problem I am facing
I am unable to create a 30 day trail account on akamai
I visited this url: https://www.akamai.com/us/en/campaign/assets/trials/edge-dns.jsp
Which ask me to fill up a form, and when i filled a form, i got one email verification link in my disposable email (Was Using disposable email of mailsac.com provider)
But after email verification, I didn’t get the login credentials.
You can clearly see from these screenshot that even after 6 hours I haven’t received a login credentials email.
What I want to know ?
Is it possible to perform subdomain takeover (DNS Hijacking) for Akamai