How A Hacker Hijacked the blogger subdomains

It is a bit old method but necessary to understand if you are learning about DNS hijacking and In Past a Pakistani Famous BlackHat hacker " Shadow008 " was hijacking the subdomains of blogger blogs and everyone was shocked to see how he is doing this but after a mean while he published an article about how he hijacked the blogger sub domains on his blog.

                      We know that when someone host his website on blogger he have to point the CNAME toward to given address by blogger or if we want to connect the domain mail with Gmail we also have to point it toward the Gmail Address given by them and many peoples at that time do one mistake that they point their domains to Gmail or blogger cname to connect their domain and they forget to add the pointed sub domain in blogger and this gives us the error which is in the below picture.


















404. 
That’s an error.
The requested URL subdomain.example.com was not found on this server.
That’s all we know."

This error means that the domain is pointed toward google,s cname or ip address but it is not yet hosted and shadow008 took its revenge and hijacked the sub domains of many blogs by simply hosting thos sub domains on blogger.com by adding custom domain in settings and he was successfully able to add the sub domain.

Shado008 hijacked the sub-domains of many important websites including  thehackernews.com which was


  • " http://direct.thehackernews.com/ "
  • " http://www.zone-h.org/mirror/id/18307796 " 

some how the direct subdomain was pointing toward,s the google,s ip and he hijacked it easily and not only this but including many more high ranking websites.


  1. Now the question arises in our mind is how we can find the vulnerable  subdomains ?
The Answer is simple use DNS_Map tool which will burtforce the subdomains of blogger website and you can check them for the 404 error and if they contain that error then you can hijack the domain easily and DNS_map tool is included in linux backtrack and kali .

    2. You found the 404 error sub-domain ? looking for how to hijack ?

  1. Open blogger.com and open your free blogspot as mine is sniperhaxx.blogspot.com 
  2. Goto Settings 
  3. Click on setup 3rd party URL 
  4. Add the sub-domain which is giving url 
  5. Done now you have added successfully now  go and edit the html of template and deface it.

Comments

  1. Dude, so if there is a site say example.com,
    I type in xyz.example.com and I get 404 error, then does it mean that it is vulnerable ?

    ReplyDelete
    Replies
    1. It was but recently google has patched the bug :p

      Delete
    2. I mean, if I want to test a site whether it is vulnerable or not .. how can I test it.
      I'm talking in terms of other websites and not blogger/google/blogspot ..

      Could you please tell the actual way to assess the same ..

      Really would appreciate the same.

      Delete
    3. look brother this bug is patched now and we can not practice anymore but this will help you to learn dns hijacking

      Delete
  2. Wow!! Awesome Work you have done!!! This software is work properly!! I had a little problem but I fix that my self

    ReplyDelete
  3. A very awesome blog post. We are really grateful for your blog post. You will find a lot of approaches after visiting your post. I was exactly searching for. Thanks for such post and please keep it up ria hacker

    ReplyDelete
  4. Such a very useful article. Very interesting to read this article.I would like to thank you for the efforts you had made for writing this awesome article. hire a hacker

    ReplyDelete

Post a Comment

Must Comment ! Dear