Rozblog Domains DNS Hijacking

2017.06.20
ir Mersad Security Research (IR) ir
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Rozblog - Domains DNS Hijacking # Google Dork: N/A # Date: 2017-06-20 # Exploit Author: Mersad Security Research # Software Link: - # Version: - # Tested on: Kali Linux # Vendor Homepage: http://rozblog.com # CVE : - -------------------------------------- Description: DNS hijacking is a process in which an individual redirects queries to a domain name server (DNS). It may be accomplished through the use of malicious software or unauthorized modification of a server. Once the individual has control of the DNS, they can direct others who access it to a web page that looks the same, but contains extra content such as advertisements. They may also direct users to pages containing malware or a third-party search engine. and! Rozblog a Persian blogger that you host several thousand sites ------------------------------------- NoTe: Operations will only be performed on dedicated domain sites PoC Video: https://youtu.be/bvkdUbwAsps 1- You must first create a user account on the site 2- Then go to the movie and train the Hijack operations on the site All the explanations and how to use the vulnerability in the movie are said Watch the movie carefully ------------------------------------- # Discovered By: Sh4dow (BlackPentester@Gmail.Com) # We Are:Mersad (Mersad - Gray Industry) # https://telegram.me/MersadGroup # Mersad@Protonmail.Com # Sh4dow - Cyrus - SOLTAN SILENT - AminStev

References:

https://youtu.be/bvkdUbwAsps


See this note in RAW Version
Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top