Hello all. I would like to ask about cloudfront subdomain takeover did not work anymore or something I was missing in my working process. Everytime I claim the vulnerable subdomain, I got some error like " Status Code: 409; Error Code: CNAMEAlreadyExists;". Please Kindly help me.
These were fixed by Amazon a while ago, however, in rare cases where they are indirect and the CNAME on the first host doesn’t contain “cloudfront” then you will be able to take these over in the second instance. This is discussed in more detail here: https://github.com/EdOverflow/can-i-take-over-xyz/issues/29