Monday, 10 March 2014

DNS Hijacking with 000Webhost







Finding Target

1- Sign up for an account at www.000webhost.com

2- Create a new site using just the subdomain; for example, mine was: http://testingfu.comule.com






Exploiting Target

1- Now go to cPanel and look for the IP address; you'll get something like "31.170.163.140".

2- Now go to Bing.com and type the dork ip:31.170.163.140. If you want .gov, .edu or any other particular domain, then the dork should be "ip:31.170.163.140 .gov" or "ip:31.170.163.140 .edu".

Server 1 with 253 IPs
31.170.161.1 - 31.170.161.253

Server 2 with 253 IPs
31.170.162.1 - 31.170.162.253

Server 3 with 242 IPs
31.170.163.1 - 31.170.163.241


3- Let's say our result/target is york.gov.il. Simply add abcd or anything you like in front of the URL, so it looks like this:

abcd.york.gov.il

and you will get this error page





4- Now go to your cPanel at 000webhost and park a subdomain.





5- Now go to public_html and upload your deface page. :D
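As an added example (not from the original post), this is a zone owner's audit for the condition the steps above depend on: a wildcard or leftover record that resolves into the shared-hosting ranges listed earlier while the hostname is not configured in the owner's own hosting account. The `example.test` zone records and the `claimed` set are constructed assumptions.

```python
import ipaddress

# Shared-hosting ranges as listed on this page (first and last address).
SHARED_RANGES = [
    ("31.170.161.1", "31.170.161.253"),
    ("31.170.162.1", "31.170.162.253"),
    ("31.170.163.1", "31.170.163.241"),
]

# Constructed zone export for a hypothetical domain: (owner, type, value).
SAMPLE_ZONE = [
    ("example.test.", "A", "31.170.163.140"),
    ("*.example.test.", "A", "31.170.163.140"),
    ("www.example.test.", "CNAME", "example.test."),
    ("old.example.test.", "CNAME", "example.test."),
    ("mail.example.test.", "A", "192.0.2.25"),
    ("loop.example.test.", "CNAME", "loop.example.test."),
]

def in_shared_range(addr):
    ip = ipaddress.ip_address(addr)
    return any(ipaddress.ip_address(lo) <= ip <= ipaddress.ip_address(hi)
               for lo, hi in SHARED_RANGES)

def resolve_in_zone(name, zone, depth=8):
    """Follow CNAMEs inside the zone; return the A-record addresses reached."""
    addrs = []
    for owner, rtype, value in zone:
        if owner.lower() != name.lower():
            continue
        if rtype == "A":
            addrs.append(value)
        elif rtype == "CNAME" and depth > 0:  # depth limit stops CNAME loops
            addrs.extend(resolve_in_zone(value, zone, depth - 1))
    return addrs

def audit_zone(zone, claimed):
    """Flag names that land on the shared host but are not in `claimed`
    (hostnames the owner has actually configured in the hosting account)."""
    findings = []
    for owner in sorted({o for o, _, _ in zone}):
        hits = [a for a in resolve_in_zone(owner, zone) if in_shared_range(a)]
        if hits and owner.startswith("*."):
            findings.append((owner, "wildcard", hits[0]))
        elif hits and owner.rstrip(".").lower() not in claimed:
            findings.append((owner, "unclaimed", hits[0]))
    return findings
```

Every finding is a record to delete or repoint: a wildcard sends any unused hostname to the shared server, and an unclaimed name is a leftover that the hosting account no longer serves.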


SOURCE: DEVILCAFE