December 05, 2016

1.1. Vulnerability

The Managed DNS Vulnerability

The root of this vulnerability occurs when a managed DNS provider allows someone to add a domain to their account without any verification of ownership of the domain name itself.

This is actually an incredibly common flow (flaw?) and is used in cloud services such as AWS, Google Cloud, Rackspace and of course, Digital Ocean. The issue occurs when a domain name is used with one of these cloud services and the zone is later deleted without also changing the domain’s nameservers.

Even after you stop using the service, it is dangerous if you forget to change the domain name's (registered) nameservers. lol (Someone else could create a zone on that server. That is a scary situation.)

This means that the domain is still fully set up for use in the cloud service but has no account with a zone file to control it.

In many cloud providers this means that anyone can create a DNS zone for that domain and take full control over the domain.

This allows an attacker to take full control over the domain to set up a website, issue SSL/TLS certificates, host email, etc.
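As an added illustration (not part of the quoted article or of this note), the following offline check flags domains in your own inventory whose registrar delegation still points at a managed-DNS provider where no zone answers. The provider nameserver patterns, the response codes taken to mean "no zone here", and the sample rcode data are all assumptions constructed for this example.

```python
from dataclasses import dataclass
from typing import Optional

# Hostname fragments of the managed-DNS providers the text names (assumed patterns).
PROVIDER_NS_PATTERNS = {"DigitalOcean": "digitalocean.com", "AWS Route 53": "awsdns-",
                        "Google Cloud DNS": "googledomains.com", "Rackspace": "stabletransit.com"}
# Rcodes assumed from a provider nameserver that hosts no zone for the queried name.
MISSING_ZONE_RCODES = {"REFUSED", "SERVFAIL", "NXDOMAIN"}

@dataclass
class Finding:
    domain: str
    status: str            # "OK", "DANGLING", "PARTIAL" or "UNKNOWN_PROVIDER"
    provider: Optional[str]
    dangling_ns: list
    advice: str

def provider_for(ns: str) -> Optional[str]:
    """Map a delegated nameserver hostname to a known managed-DNS provider, else None."""
    host = ns.lower().rstrip(".")
    return next((name for name, pat in PROVIDER_NS_PATTERNS.items() if pat in host), None)

def classify(domain: str, soa_rcodes: dict) -> Finding:
    """soa_rcodes maps each nameserver in the registrar delegation to the rcode it gave
    for a SOA query of the apex (collected beforehand, e.g. `dig @ns domain SOA`)."""
    providers = {provider_for(ns) for ns in soa_rcodes} - {None}
    if not providers:
        return Finding(domain, "UNKNOWN_PROVIDER", None, [], "Review the delegation by hand.")
    provider = sorted(providers)[0]  # assume one managed provider per delegation
    provider_ns = [ns for ns in soa_rcodes if provider_for(ns) == provider]
    dangling = [ns for ns in provider_ns if soa_rcodes[ns].upper() in MISSING_ZONE_RCODES]
    if not dangling:
        return Finding(domain, "OK", provider, [], "Zone is served; nothing to do.")
    status = "DANGLING" if len(dangling) == len(provider_ns) else "PARTIAL"
    advice = (f"Remove the {provider} NS records at the registrar or re-create the zone for "
              f"{domain} in an account you control, then re-check.")
    return Finding(domain, status, provider, dangling, advice)

def scan(inventory: dict) -> list:
    """Return only the findings that need action for a {domain: soa_rcodes} inventory."""
    return [f for d, rc in inventory.items() if (f := classify(d, rc)).status != "OK"]

if __name__ == "__main__":
    # Constructed sample: one healthy delegation, one whose DigitalOcean zone was deleted.
    SAMPLE = {"live.example": {"ns-1.awsdns-01.org": "NOERROR", "ns-2.awsdns-02.net": "NOERROR"},
              "stale.example": {"ns1.digitalocean.com": "REFUSED", "ns2.digitalocean.com": "REFUSED"}}
    for f in scan(SAMPLE):
        print(f"{f.domain}: {f.status} via {f.provider} -> {f.advice}")
```

A "DANGLING" result means the delegation should be removed at the registrar or the zone re-created in an account you control before anyone else can claim it.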

Worse yet, after combining the results from the various providers affected by this problem, over 120,000 domains were vulnerable (likely many more).

