According to Wikipedia, domain hijacking is defined as the "process by which registration of a currently registered domain name is transferred without the permission of its original registrant, generally by exploiting a vulnerability in the domain name registration system."
The first and foremost step in any hacking activity is gathering information, so to hack a domain a hacker needs several pieces of information. If you have ever managed a website, you know that every website is managed through a domain control panel. The hacker's main aim is to gain full access to that control panel in order to carry out changes. For this the hacker needs to possess some information, such as the name of the domain registrar and the email address used as the administrative email address.
For this purpose the hacker uses WHOIS lookup utilities. These utilities provide data about the domain name registration from the public registry database. The two sites which I like most are:
Whois and domaintools
These websites help the user search the public interest registry database to find out more about any website. These databases are publicly available and are mostly used by operators to determine the contents of a domain.
Once a hacker gets his hands on the administrative email address of the domain, he carries out an attack on that email account. Once he has hacked the administrative email, everything becomes simple. He then goes to the registrar's site and requests a password reset through the forgotten-password option. The reset link is sent to the administrative email address, and as he has full control over it, he receives the reset link in that inbox. Once he resets the password he can do anything with the domain: he could delete it, change the content, or redirect it to another site.
How to prevent domain hijacking?
- Protect your email ID first: create strong passwords, don't ever click on any link, and don't download anything suspicious sent through email.
- Register with a domain registrar that doesn't share your data publicly.
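To check the second point for your own domain, you can audit the WHOIS record for the two items the post says an attacker collects: the registrar name and a usable administrative mailbox. The Python below is an added example, not code from the original post; the WHOIS records are constructed, and the field labels and the `PROXY_DOMAINS` list are assumptions that vary by registry and registrar.

```python
import re

# Constructed WHOIS records for illustration; not real registration data.
SAMPLE_EXPOSED = """\
Domain Name: example-shop.test
Registrar: Example Registrar, Inc.
Registrant Email: owner@example-shop.test
Admin Email: jane.admin@mailhost.test
Tech Email: REDACTED FOR PRIVACY
"""
SAMPLE_PRIVATE = """\
Domain Name: example-blog.test
Registrar: Example Registrar, Inc.
Admin Email: 3f9a1c@privacy-proxy.test
Tech Email: REDACTED FOR PRIVACY
"""

EMAIL_RE = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")
# Assumed privacy/proxy mail domains; replace with the ones your registrar uses.
PROXY_DOMAINS = {"privacy-proxy.test"}


def parse_whois(text):
    """Return {lowercased field name: [values]} from 'Key: Value' lines."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep and value.strip():
            fields.setdefault(key.strip().lower(), []).append(value.strip())
    return fields


def audit_exposure(text):
    """Report the registrar and every contact field publishing a real mailbox."""
    fields = parse_whois(text)
    exposed = []
    for key, values in fields.items():
        if key.endswith("email"):
            for value in values:
                domain = value.rsplit("@", 1)[-1].lower()
                if EMAIL_RE.fullmatch(value) and domain not in PROXY_DOMAINS:
                    exposed.append((key, value))
    return {"registrar": fields.get("registrar", [None])[0], "exposed": exposed}


if __name__ == "__main__":
    for record in (SAMPLE_EXPOSED, SAMPLE_PRIVATE):
        print(audit_exposure(record))
```

Any mailbox listed under `exposed` is an account whose compromise leads to the registrar password reset described above, so it is the one to harden first or to replace with a privacy-protected contact.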
3 comments:
Good write up dude, whois lookup feels interesting, I tried to find about my site and it showed the data.
This is a good method for finding the hijacked domain name. It is not so easy to find the domains that have been hijacked.