Proof of Concept

Subdomain Takeover by EY

This domain has been compromised via a dangling CNAME vulnerability.
EY now controls the content served on this subdomain.

Affected Domain msoid.sans.com.sa
CNAME Target clientconfig.microsoronline-p.net
Vulnerability Dangling CNAME — Subdomain Takeover
Severity HIGH
Timestamp

What happened?

The subdomain msoid.sans.com.sa contained a CNAME DNS record pointing to clientconfig.microsoronline-p.net — an external domain that was not registered by the organization. A security researcher registered this unclaimed domain and is now serving this page as proof of concept. This demonstrates that an attacker could serve malicious content, harvest credentials, host phishing pages, or fully impersonate the organization under a trusted subdomain.

This is a proof of concept conducted during an authorized security assessment by EY.
No malicious activity was performed. No user data was collected or compromised.
This page exists solely to demonstrate the vulnerability to the domain owner.