DIR Return Create A Forum - Home
---------------------------------------------------------
gworld
HTML https://gworld.createaforum.com
---------------------------------------------------------
*****************************************************
DIR Return to: HACKZ WORLD
*****************************************************
#Post#: 192--------------------------------------------------
DOMAIN HIJACKING
By: eba95 Date: August 3, 2010, 6:38 am
---------------------------------------------------------
In this post I will tell you about how
the domain names are hacked and
how they can be protected. The act
of hacking domain names
is commonly known as Domain
Hijacking. For most of you, the term
“domain hijacking” may seem to be
like an alien. So let me first tell you
what domain hijacking is all about.
Domain hijacking is a process by
which Internet Domain Names are
stolen from it’s legitimate owners.
Domain hijacking is also known as
domain theft. Before we can proceed
to know how to hijack domain
names, it is necessary to understand
how the domain names operate and
how they get associated with a
particular web server (website).
The operation of domain
name is as follows
Any website say for example
gohacking.com consists of two parts.
The domain name (gohacking.com)
and the web hosting server where
the files of the website are actually
hosted. In reality, the domain name
and the web hosting server (web
server) are two different parts and
hence they must be integrated
before a website can operate
successfully. The integration of
domain name with the web hosting
server is done as follows.
1. After registering a new domain
name, we get a control panel where
in we can have a full control of the
domain.
2. From this domain control panel,
we point our domain name to the
web server where the website ’s files
are actually hosted.
For a clear understanding let me take
up a small example.
John registers a new domain
“ abc.com” from an X domain
registration company. He also
purchases a hosting plan from Y
hosting company. He uploads all of
his files (.html, .php, javascripts etc.)
to his web server (at Y). From the
domain control panel (of X) he
configures his domain name
“ abc.com” to point to his web server
(of Y). Now whenever an Internet
user types “abc.com”, the domain
name “abc.com” is resolved to the
target web server and the web page
is displayed. This is how a website
actually works.
What happens when a
domain is hijacked
Now let’s see what happens when a
domain name is hijacked. To hijack a
domain name you just need to get
access to the domain control panel
and point the domain name to some
other web server other than the
original one. So to hijack a domain
you need not gain access to the
target web server.
For example, a hacker gets access to
the domain control panel of
“ abc.com”. From here the hacker re-
configures the domain name to
point it to some other web server
(Z). Now whenever an Internet user
tries to access “abc.com” he is taken
to the hacker’s website (Z) and not to
John’s original site (Y).
In this case the John’s domain name
(abc.com) is said to be hijacked.
How the domain names are
hijacked
To hijack a domain name, it’s
necessary to gain access to the
domain control panel of the target
domain. For this you need the
following ingredients
1. The domain registrar name for the
target domain.
2. The administrative email
address associated with the target
domain.
These information can be obtained
by accessing the WHOIS data of the
target domain. To get access the
WHOIS data, goto
whois.domaintools.com, enter the
target domain name and click on
Lookup. Once the whois data is
loaded, scroll down and you ’ll see
Whois Record. Under this you’ll get
the “Administrative contact email
address” get the domain registrar name,
look for something like this under
the Whois Record.
“Registration Service Provided By:
XYZ Company”. Here XYZ Company is
the domain registrar. In case if you
don ’t find this, then scroll up and
you’ll see ICANN Registrar under the
“Registry Data”. In this case, the
ICANN registrar is the actual domain
registrar.
The adminis
*****************************************************