Full Disclosure mailing list archives
poisoning / hijacking DNS locally of a third party domain: in shared and custom web hosting and in ISP, in automated /custom control panel software
From: Bipin Gautam <bipin.gautam () gmail com>
Date: Sat, 21 May 2016 21:01:15 +0545
Hi, vulnerability summary : a design / process flaw Severity : Moderate / High In most automated control pannel software, for shared and custom web hosting and in ISP, anyone can register / signup any domain after you have a paid account for website hosting - and the dns record of the added domain gets synced indiscriminately in the local / ISP master DNS name server /resolver (for that webhosting and ISP locally) when any local website in such shared hosting or ISP request for dns resolving - for a website IP, or mx or subdomain record etc the local entry get priority over the global / root entry (like when you edit /etc/hosts or %windir%\system32\etc\drivers the local record gets priority over remote resolver in such situation, analogy ) - when a user of such ISP or a website in shared hosting try to locally request a third party website (say linkedin, twitter, facebook or any domain ) via website API, or email and when site accepts both https or..... http redirect requests, api logins are at risk - or a potential attacker can use such to disrupt the dns request on such shared hosting for a third party domain - or get / hijack all email sent for a third party domain, in such shared hosting via catchall@[domain_name] poisoning / deliberate entry possible affected software: - cpanel - many self customized / automatic dns registration / control panel / shared hosting software - direct admin / plesk and other popular... such control panel software ( please test and let us know ? ) Respectfully, -bipin _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- poisoning / hijacking DNS locally of a third party domain: in shared and custom web hosting and in ISP, in automated /custom control panel software Bipin Gautam (May 23)