December 05, 2016

The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean

It turns out this vulnerability affects just about every popular managed DNS provider on the web. 
If you run a managed DNS service, it likely affects you too. 

1.1. The Managed DNS Vulnerability

1.1.1. The root of this vulnerability


The root of this vulnerability occurs when a managed DNS provider allows someone to add a domain to their account _without any verification of ownership of the domain name itself._

This is actually an incredibly common flow and is used in cloud services such as AWS, Google Cloud, Rackspace and of course, Digital Ocean.
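The missing check described above, modelled as a toy provider flow with and without ownership verification. This is an added example, not code from the original article or from any provider; the per-account nameserver naming scheme, the `dns.example` names, the account names and the delegation data are all hypothetical and constructed for illustration.

```python
import hashlib
import hmac

PROVIDER_KEY = b"constructed-demo-key"  # constructed stand-in for a provider secret

def assigned_nameservers(account, domain):
    """Hypothetical scheme: NS names unique to one (account, domain) pair."""
    msg = f"{account}|{domain}".encode()
    tag = hmac.new(PROVIDER_KEY, msg, hashlib.sha256).hexdigest()[:12]
    return {f"ns1-{tag}.dns.example.", f"ns2-{tag}.dns.example."}

class ManagedDNS:
    """Toy model of a provider's 'add a domain to my account' flow."""
    def __init__(self, parent_ns_lookup, verify_ownership):
        self.parent_ns_lookup = parent_ns_lookup  # domain -> NS names at the parent zone
        self.verify_ownership = verify_ownership
        self.serving = {}  # domain -> account whose records are answered

    def add_zone(self, account, domain):
        domain = domain.lower().rstrip(".")
        if domain in self.serving:
            return False  # zone is already hosted here
        if self.verify_ownership:
            # Only whoever controls the registration can point the parent
            # delegation at this account's unique nameserver names.
            delegated = {ns.lower() for ns in self.parent_ns_lookup(domain)}
            if not assigned_nameservers(account, domain) <= delegated:
                return False
        self.serving[domain] = account
        return True

# Constructed data: the registrant ("owner-account") delegated shop.example to
# the provider, later deleted the hosted zone, and left the delegation in place.
DELEGATIONS = {"shop.example": assigned_nameservers("owner-account", "shop.example")}

def demo():
    lookup = lambda d: DELEGATIONS.get(d, set())
    weak = ManagedDNS(lookup, verify_ownership=False)
    strict = ManagedDNS(lookup, verify_ownership=True)
    return {
        "weak_other": weak.add_zone("other-account", "shop.example"),
        "strict_other": strict.add_zone("other-account", "shop.example"),
        "strict_owner": strict.add_zone("owner-account", "SHOP.example."),
    }

if __name__ == "__main__":
    print(demo())
```

Without verification, any account can claim the orphaned delegation; with the check, only the account whose assigned nameservers appear in the parent delegation is accepted.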

It says "AWS responded quickly and fixed the problem.", but takeover is still possible even now. -- ToshinoriMaeno 2020-04-28 07:21:12

1.2. Japan


DNS/共用ゾーンサービス/さくら DNS/domain_owner

