December 9

Free Hosting Sites Vulnerable to DNS Hijacking Millions of Websites Can be Hacked


Hey guys, was working on DNS Hijacking these days and find a big loophole in Free Webhosting Companies like and was amazed by my research results I contacted the Company after a week of no reply finally leaking out the issue.

So let me Introduce the DNS Hijacking trick making millions of Websites hosted on 000webhost and other free hosting web hosting companies vulnerable.

Step 1 : Login with a free account on

it will give you an address like

mine was –>?

Now go to Cpanel?
Now open and search for like
” IP: .gov “
All server IPs
Server 1 with 253 IPs –
Server 2 wwith 253 IPs? –
Server 3 with 242 ips –
Now the target I got is?
I just open this URL :
An error page of 000webhost strikes
Which shows that the DNS is configured so that the site is forwarded to Nameserver of 000webhost?
now what i did is enter in my Cpanel which I created at 000webhost and park a subdomain :
And done added an index page to my public_html
And the website defaced .
Some of the sites which also bypassed by me?
Thank you
Regards Aarshit Mittal(@arsmittal)

If you are a mirror freak then can create thousands of subdomains of these gov sites or other gov aites hosted on 000webhost and mirror it on and they take such mirrors don’t have any idea for zone-h because they didn’t archived the mirror submitted by me so may be they don’t takje the created subdomains.

Copyright 2018. All rights reserved.

Posted December 9, 2016 by Becky Chavez in category "Security