Search This Blog

Sunday, February 27, 2011

Domain Stealing Part 4

SOURCE and more info at:
www.darknet.org.uk


Authorization
0a. (N)ew (M)odify (D)elete.: Modify
0b. Auth Scheme.............: MAIL-
FROM
0c. Auth Info...............:

Contact Information
1a. NIC Handle..............: ADM001
1b. (I)ndividual (R)ole.....: Individual
1c. Name....................: DOMAIN, ADMIN
1d. Organization Name.......: EXAMPLE
1e. Street Address..........:
1f. City....................:
1g. State...................:
1h. Postal Code.............:
1i. Country.................:
1j. Phone Number............:
1k. Fax Number..............:
1l. E-Mailbox...............: evil@domain.com

Notify Information
2a. Notify Updates..........: AFTER- UPDATE
2b. Notify Use..............: AFTER-USE

Authentication
3a. Auth Scheme.............: MAIL-
FROM
3b. Auth Info...............:
ADMINEMAIL@EXAMPLE.COM
3c. Public (Y/N)............: NO

NOTE: Do NOT put anything in the Subject!

Just send one email! DO NOT bomb hostmaster@ networksolutions.com with more than one email. That’ s pretty much it. Now continue to bomb ADMINEMAIL@EXAMPLE.COM, changing the tracking number every time until your 30-35 tracking numbers are used up!

Now all you have to do is wait. After 24 hours you could go and change the domain information and no one would be there to stop you because now you are the admin of the domain name!

NOTE: This attack will only work on domains that have an admin contact different from their technical contact!


Initiating the Second Attack:
This attack will be successful even if the technical and admin contact are the same.
The procedure is basically the same apart from the fact that this time:
-Go to http://www.networksolutions.com/
-Click on the link that says ‘ Make Changes. ’
-Enter the domain name example.org
-You should be presented with 2 blue buttons
-Click on the one that says *Expert*
-Next screen would have a heading ‘ Select the form that meets your needs ’
-Click on the link that say ‘ Service Agreement. ’
-Now when it asks for email address, enter your own.
-Now you should see many fields, don’ t panic!
-Go to the technical contact and change the handle to freeservers, hypermart e.t.c.
-Now come to ‘ Nameserver Information. ’
-Change the nameservers to hypermart or freeserver nameservers.
-If there ’ s anything in the ‘ Optional Information ’ after that then simply delete them.
-Click on the button ‘ Submit this form for processing. ’

You are done, the form will be emailed to your email address. When the form arrives in your email, then simply take this part:
**** PLEASE DO NOT REMOVE Version Number or any of the information below when submitting this template to hostmaster@ networksolutions.com. *****

Domain Version Number: 5.0

******** Email completed agreement to hostmaster@
networksolutions.com
********

Part 1
Part 2
Part 3
Part 4
Part 5

No comments: