Hack domain

Tham khảo tài liệu hack domain, công nghệ thông tin, an ninh - bảo mật phục vụ nhu cầu học tập, nghiên cứu và làm việc hiệu quả
Nội dung trích xuất từ tài liệu:
Hack domain.Hackdomaintrangnàyđãđượcđọc lầnDomainHijacking:AstepbystepguideSummary:ThesolepurposeoftheinformationcontainedinthisadvisoryistopointouttheflawsinInterNICsdomainnamehandlingsystemandisintendedforeducationaluseonly.Sincethisispublicknowledge,itshouldbealsoineveryonesreach.Thetechniquedescribedbelowinvolvesaneasytofollowprocedureofstealing.com/.net/.org/.gov/.mildomainnames.Thisvulnerabilityhasbeenpubliclyknownforquiteawhile,andtherearewaystopreventit(Seebelow).Theprocedurebelowenablesanattackertotakeoveradomainname,enablinghimorhertomakethearbitrarywebaddress(www.example.com)pointtoanydesiredwebpageontheInternet.Thismethodofdomainhijackingisconstantlybeingusedtohijackdomainnames,andtodefacewebsites.Requiredingredients:*Anonymousremailerormailbomberthatcanspoofemailaddresses.*SocialEngineeringskillsfortimingtheemails.*Afakeemailaddressathotmail.comoranyotherfreeservice.Exploit:Asanexampleforthisadvisory,wewilltakethedomainnameexample.org.Gotohttp://www.networksolutions.comandclickonthelinkthatsaysWhoIs.Nowenterthedomainname(example.orginthiscase)inthesearchfieldandclickontheSearchbutton.ThiswouldshowyoutheWhoIsinformation,whichwillbesimilartotheoneshownbelow:Registrant:Example(ex24DOM)AddressdetailsDomainName:EXAMPLE.ORGAdministrativeContact,TechnicalContact,ZoneContact,BillingContact:DOMAIN,ADMIN(ADM001)ADMINEMAIL@EXAMPLE.COMRecordlastupdatedon00Jan2000.Recordcreatedon00Jan2000.Databaselastupdatedon3Feb200014:29:53EST.Domainserversinlistedorder:NS1.EXAMPLE.COM1.2.3.4NS2.EXAMPLE.NET1.2.3.5Nowyouhavetwochoices:1)EitheryoucouldtakefullcontrolofthedomainbychangingtheAdministratorshandleinformation.Or2)Youcouldsimplypointthedomaintoanotherhostandletitrecoverintimebyitself.InitiatingtheFirstAttack:LetusfirstexplaintheInterNICauthenticationsystemincasemostofyouwouldbethereaderswhodonothavetheirowndomainnames.TheproblemwithInterNICauthenticationisthattheydoNOTsendaconfirmationemailiftherequestissentfromthesameemailasthepersonowningthecontactorthedomainnameitself!Therefore,utilizingthisflawonecouldspoofanyonesemailaddressandchangeanydomainnamesinformation.Although,aconfirmationisrequiredfromthepersontowhomthedomainisabouttobetransferred;andthatshouldntbetoohardasitwouldyourownemailaddress.Heresastepbystepprocedure:Gotohttp://www.networksolutions.com/ClickonthelinkthatsaysMakeChanges.Enterthedomainnameexample.orgYoushouldbepresentedwith2bluebuttonsClickontheonethatsays*Expert*NextscreenwouldhaveaheadingSelecttheformthatmeetsyourneedsClickonthelinkthatsayContactFormNextyoushouldseeaformwith2fields.Inthefirstfieldentertheadminshandle(example.orgadminisADM001)Inthenextfieldenterhis/heremailaddress(inthiscaseitsADMINEMAIL@EXAMPLE.COM)ChangetheoptiontoModify.NowProceedtoContactInformation.SelecttheMAILFROMoptionandclicktheGoontoContactDataInformation.Nowyoushouldseealltheinformationabouttheadmincontactofdomainname!IntheEmailaddressfieldchangetheemailtoyourownfakeemail.(inthiscaseitsevil@domain.com)NowProceedtoSetAuthorizationScheme.AgainchooseMAILFROMandentertheemailaddressoftheadmin(ADMINEMAIL@EXAMPLE.COM)LeavethebottomoptiontoNoandGenerateContactForm.Nowyoushouldseeatemplatewithalltheinformation.Similartothis:********PleaseDONOTREMOVEVersionNumber********ContactVersionNumber:1.0********Pleaseseeattacheddetailedinstructions********Authorization0a.(N)ew(M)odify(D)elete.:Modify0b.AuthScheme.............:MAILFROM0c.AuthInfo...............:ContactInformation1a.NICHandle..............:ADM0011b.(I)ndividual(R)ole.....:Individual1c.Name....................:DOMAIN,ADMIN1d.OrganizationName.......:EXAMPLE1e.StreetAddress..........:1f.City....................:1g.State...................:1h.PostalCode.............:1i.Country.................:1j.PhoneNumber............:1k.FaxNumber..............:1l.EMailbox...............:evil@domain.comNotifyInformation2a.NotifyUpdates..........:AFTERUPDATE2b.NotifyUse..............:AFTERUSEAuthentication3a.AuthScheme.............:MAILFROM3b.AuthInfo...............:ADMINEMAIL@EXAMPLE.COM3c.Public(Y/N)............:NONOTE:DoNOTpressthebuttonatthebottomthatsaysMailthiscontactformtome!Copyandpastethismessageintoyouranonymousremailerormailbomberandyouarereadytogo;butWAIT!Itsnotthateasy,nowcomestheHARDpart!Whenyoumailthismessagetohostmaster@networksolutions.comamessagesimilartothefollowingwouldbesenttotheadminemailaddress:Subject:[NIC000128.4r50]YourMail______________________________________________________________Thisisanautomaticreplytoacknowledgethatyourmessagehasbeenreceivedbyhostmaster@networksolutions.com.ThisacknowledgementisNOTaconfirmationthatyourrequesthasbeenprocessed.Youwillbenotifiedwhenithasbeencompleted.Ifyoushouldhaveneedtocorrespondwithusregardingthisrequest,pleaseincludethetrackingnumber[NIC000128.4r50]inthesubject.Theeasiestwaytodothisissimplytoreplytothisme ...