| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: bretscher at 5sl.org (Johannes Bretscher) Subject: Teen hacker controls ebay On Wed, Sep 08, 2004 at 06:47:25AM +0200, noddie_x wrote: > > > On Tue, 7 Sep 2004, Gaurang Pandya wrote: > > > http://www.theinquirer.net/?article=18288 Says, a teen > > hacker "he had managed to become the new owner of > > eBay.de." can any one tell me what do they mean by > > this..did he actually changed ip address at DNS or its > > DNS Cache poisioning or something else?? > probly did it thru some auto-dns system that works on web based forms and > confirmations emails. they normally work on request ticket numbers, if you > can find a way to break the confirmation parser, bob's your uncle. cant > see anywhere that he attacked a service. He did not attack anything. He simply requested a Domain Transfer. His provider did not check and sent the request to denic. Denic asked the Provider of eBay.de who did not respond several times. This was regarded as implicit ACK. So this guy was the owner of ebay.de -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, Historical Review of Pennsylvania, 1759.
Powered by blists - more mailing lists