December 9

Free Hosting Sites Vulnerable to DNS Hijacking: Millions of Websites Can Be Hacked

 

Hey guys, I was working on DNS hijacking these days and found a big loophole in free web hosting companies like 000webhost.com, and I was amazed by my research results. I contacted the company; after a week of no reply, I am finally leaking out the issue.

So let me introduce the DNS hijacking trick that makes millions of websites hosted on 000webhost and other free web hosting companies vulnerable.

Step 1: Log in with a free account on 000webhost.com.

It will give you an address like abcd.something.com

Mine was –> http://testingfu.comule.com

Now go to Cpanel.
Now open bing.com and search for something like
"IP:31.170.163.140 .gov"
All server IPs
Server 1 with 253 IPs
31.170.161.1 – 31.170.161.253
Server 2 with 253 IPs
31.170.162.1 – 31.170.162.253
Server 3 with 242 IPs
31.170.163.1 – 31.170.163.241
Now the target I got is csirt.gov.bd
I just opened this URL: abcd.csirt.gov.bd
An error page of 000webhost comes up,
which shows that the DNS is configured so that the site is forwarded to the nameserver of 000webhost.
Now what I did was enter my Cpanel, which I created at 000webhost, and park a subdomain:
men.csirt.gov.bd
bd.csirt.gov.bd
And done. I added an index page to my public_html,
and the website was defaced.
Some of the sites which were also bypassed by me:
http://test.fraymamertoesquiu.gov.ar
http://test.concejodeitagui.gov.co
http://dns.hviota.gov.co
http://test.digitizeyou.in
http://men.csirt.gov.bd
http://bd.csirt.gov.bd
Thank you
Regards Aarshit Mittal(@arsmittal)

If you are a mirror freak, then you can create thousands of subdomains of these gov sites or other gov sites hosted on 000webhost and mirror them on hack-mirror.com and hack-db.com; they take such mirrors. I don't have any idea about zone-h, because they didn't archive the mirror submitted by me, so maybe they don't take the created subdomains.
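
For a domain owner, the condition the post relies on (names under the zone that nobody created still resolve to the shared host) can be checked directly. The following is an added example, not code from the original post: it probes random labels under your own domain and flags answers that fall inside the server ranges listed above. The domain `example.org`, the injectable `resolve` parameter and the constructed resolver in the demo are assumptions for illustration.

```python
import ipaddress
import secrets
import socket

# Shared-hosting server ranges exactly as listed in the post.
SHARED_RANGES = [
    ("31.170.161.1", "31.170.161.253"),
    ("31.170.162.1", "31.170.162.253"),
    ("31.170.163.1", "31.170.163.241"),
]

def in_shared_range(ip, ranges=SHARED_RANGES):
    """True if an IPv4 address falls inside one of the listed ranges."""
    addr = ipaddress.IPv4Address(ip)
    return any(ipaddress.IPv4Address(lo) <= addr <= ipaddress.IPv4Address(hi)
               for lo, hi in ranges)

def system_resolver(name):
    """Resolve via the OS resolver; None means the name does not exist."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None

def audit_domain(domain, resolve=system_resolver, probes=3):
    """Probe random labels nobody created; if all of them resolve, the zone
    has a wildcard (or delegation) answering for arbitrary subdomains."""
    answers = []
    for _ in range(probes):
        name = f"{secrets.token_hex(8)}.{domain}"
        ip = resolve(name)
        if ip is not None:
            answers.append((name, ip))
    wildcard = len(answers) == probes
    shared = wildcard and any(in_shared_range(ip) for _, ip in answers)
    return {"domain": domain, "wildcard": wildcard,
            "shared_hosting": shared, "answers": answers}

if __name__ == "__main__":
    # Constructed resolver standing in for a zone whose catch-all record
    # points at a shared server; example.org is a placeholder domain.
    def constructed(name):
        return "31.170.163.140"
    report = audit_domain("example.org", resolve=constructed)
    print(report["wildcard"], report["shared_hosting"])
```

If `shared_hosting` comes back true for your zone, replace the catch-all with explicit records for only the hostnames you actually serve.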




Posted December 9, 2016 by Becky Chavez in category "Security"