How to Hack a Website with DNS Poisoning/DNS Hijacking:
So you might be thinking how websites get DNS Poisoned or in other words, DNS Hijacked...!!!
Recently, all of wou know that many Greate sites such as Google had been defaced. Not only 1 but 6 Googles were Defaced Like Google Indonesia, Google Malaysia, Google Pakistan, Google Palestine, Google Serbia and Google Kenya. While many people still does not understand how Hackers managed to deface such big sites. In this article, I am going to show you how it works and how hackers manage a DNS Poisoning attack on the target.
1st of all, the Hacker tries to find the Domain Registry. Main registry can be found by using Google or Wikipedia. (Example: If the Hacker sets Google.com.au as his target, he would go to Google and search ”Official Domain Registry Of Australia” or would go to Wikipedia and search “.au” )
Once the Hacker finds the main domain registry, He then starts to pentest (He tries to Hack that domain registry) the web application to find vulnerabilities where users login. When the Hacker finds a vulnerability (Example:SQL Injection) , he then tries to access the server or the database using that vulnerability. Once he gets access to the database, he is then able to see all users login details (Usernames/Passwords/Email/ Password Reset Key). The hacker then tries to access to its targets account using the information provided from the database.
When the hacker gains access to its targets domain control panel using the user login details, he then has control of all domain names linked to that account. The hacker can then change its targets domain name servers and contact details. If the hacker wants its target to be DNS hijacked, he simple changes all passwords and login details. If the hacker wants to DNS poison its target, he only changes the domain name servers. Changing the domain name servers would allow the hacker to change from its old server to its new server (New server = Hackers server). Once the domain name servers are changed to the hackers server, the hacker then has full control of that website. He can then add his own page (deface page) on the domain name that he took control of. Once a the name servers are changed, it then takes maximum 24 hours for it to change globally (Normally it takes around 6 hours).
Hope you Like it
If you liked it then please share it so that other could also understand what is DNS Poisoning or DNS Hijacking.
Recently, all of wou know that many Greate sites such as Google had been defaced. Not only 1 but 6 Googles were Defaced Like Google Indonesia, Google Malaysia, Google Pakistan, Google Palestine, Google Serbia and Google Kenya. While many people still does not understand how Hackers managed to deface such big sites. In this article, I am going to show you how it works and how hackers manage a DNS Poisoning attack on the target.
1st of all, the Hacker tries to find the Domain Registry. Main registry can be found by using Google or Wikipedia. (Example: If the Hacker sets Google.com.au as his target, he would go to Google and search ”Official Domain Registry Of Australia” or would go to Wikipedia and search “.au” )
Once the Hacker finds the main domain registry, He then starts to pentest (He tries to Hack that domain registry) the web application to find vulnerabilities where users login. When the Hacker finds a vulnerability (Example:SQL Injection) , he then tries to access the server or the database using that vulnerability. Once he gets access to the database, he is then able to see all users login details (Usernames/Passwords/Email/ Password Reset Key). The hacker then tries to access to its targets account using the information provided from the database.
When the hacker gains access to its targets domain control panel using the user login details, he then has control of all domain names linked to that account. The hacker can then change its targets domain name servers and contact details. If the hacker wants its target to be DNS hijacked, he simple changes all passwords and login details. If the hacker wants to DNS poison its target, he only changes the domain name servers. Changing the domain name servers would allow the hacker to change from its old server to its new server (New server = Hackers server). Once the domain name servers are changed to the hackers server, the hacker then has full control of that website. He can then add his own page (deface page) on the domain name that he took control of. Once a the name servers are changed, it then takes maximum 24 hours for it to change globally (Normally it takes around 6 hours).
Hope you Like it
If you liked it then please share it so that other could also understand what is DNS Poisoning or DNS Hijacking.
%2B-%2BHacking%2BPoint.jpg)
Post a Comment