Bug Report #23JAN136 (subdomain takeover via shopify )

A subdomain takeover vulnerability was identified on the domain █████████, where the subdomain pointed to an unclaimed Shopify instance. The researcher discovered that the subdomain was vulnerable to takeover because the DNS record pointed to a Shopify service that was no longer being used by the organization. The vulnerability was successfully exploited by the researcher, who created a Shopify account, added the custom domain █████████, and demonstrated control over the subdomain by setting up a password-protected page. This type of vulnerability occurred when DNS records continued to point to external services (in this case, Shopify) that were no longer actively managed by the organization, allowing attackers to claim the unused service and gain control over the subdomain. The subdomain takeover was confirmed through a working proof of concept where the researcher established control over the domain and set a password ("test") to demonstrate ownership.