snubbr.com

GoDaddy review : Suggest I buy GoDaddy?? how do domains get hacked?

Get GoDaddy web hosting for just $1.99. Click here to use coupon...

Special $7.49 .COM sales. Click here for this special deal...


I've heard of domains getting hacked - as in, someone comes in and is able to transfer the domain to themselves, and completely takeover or redirect the site. I've even seen domain registrars claiming they battle this or never have the issue, but I know it exists.

How does this happen? Has it ever happened to anyone here? Just curious.....

Comments (5)



Usually it's as easy as gaining access to an email account or system. you WHOIS a domain and you'll see the registrant, administrative, and technical contact emails. gain access/control to one of those, you can initiate a transfer request from your registrar account and authorize it via the compromised email.

Lot more detail to it, but that's a top level explanation of how easy it is..

EDIT: To gain access to email account, first identify where the MX server points. Use tools like NMAP to gain information about what services the target has managing email. Compromise that service..

Of course, physical access to the PC of someone listed as the registrant is the easiest and quickest way. You wouldn't beleive how easy it is to gain access to even CIO level desks during lunch hours or after hours on a cleaning crew. It costs less than $50 for a jumpsuit that looks like your a janitor. From there, it's simply finding a weak minded moron at the company and gaining access to the appropriate area. 9 out of 10 people do not log off their workstations at the end of the day. Janitor in the building/area about 10 minutes after the target leaves is almost guaranteed access to that person's logged in system..

Comment #1



Yep, it's usually theft of the WHOIS admin email...

Comment #2

Lord Brar does it. To avoid this happening to you please subscribe urself to his Insurance policy and be a prestigious member of the Domaining forum..

Anyways, am learning a lot from his newsletters. Guess he must cover Domain Hijacking in the next edition...

Comment #3

I do what? LOL I know I am shady but I have never once hijacked anyone's name in my life ever. It is illegal dude!.

I can do unethical and immoral stuff but not illegal shit...

Comment #4



You can put XSS in the whois info and if someone views your whois while logged in at some registar they could steal your cookie and log in to your account and.......

Comment #5


This question was taken from a support group/message board and re-posted here so others can learn from it.

 

Categories: Home | Diet & Weight Management | Vitamins & Supplements | Herbs & Cleansing |

Sexual Health | Medifast Support | Nutrisystem Support | Medifast Questions |

Web Hosting | Web Hosts | Website Hosting | Hosting |

Web Hosting | GoDaddy | Digital Cameras | Best WebHosts |

Web Hosting FAQ | Web Hosts FAQ | Hosting FAQ | Hosting Group |

Hosting Questions | Camera Tips | Best Cameras To Buy | Best Cameras This Year |

Camera Q-A | Digital Cameras Q-A | Camera Forum | Nov 2010 - Cameras |

Oct 2010 - Cameras | Oct 2010 - DSLRs | Oct 2010 - Camera Tips | Sep 2010 - Cameras |

Sep 2010 - DSLRS | Sep 2010 - Camera Tips | Aug 2010 - Cameras | Aug 2010 - DSLR Tips |

Aug 2010 - Camera Tips | July 2010 - Cameras | July 2010 - Nikon Cameras | July 2010 - Canon Cameras |

July 2010 - Pentax Cameras | Medifast Recipes | Medifast Recipes Tips | Medifast Recipes Strategies |

Medifast Recipes Experiences | Medifast Recipes Group | Medifast Recipes Forum | Medifast Support Strategies |

Medifast Support Experiences |

 

(C) Copyright 2010 All rights reserved.