One small tweak gave researchers a powerful web domain ability that could prove incredibly useful for hackers

A cybersecurity researcher recently stumbled upon an Internet vulnerability allowing him to track people’s email, run code on servers, and even counterfeit HTTPS certificates – in fact, it gave him so many options, it has been described as having “superpowers”.

The vulnerability is quite a simple one in nature – an expired domain, still being pinged by numerous servers. The domain in question is dotmobiregistry.net – which used to host the WHOIS server for .mobi.

A WHOIS server provides information about the registration details of domain names and IP addresses. It is part of the WHOIS protocol, used to query databases that store the ownership and registration information of domain names and network resources on the internet. On the other hand, .mobi was a top-level domain (TLD) specifically designed for websites intended to be accessed via mobile devices. It was launched in 2006, and designed to ensure that websites hosted under this domain are optimized for mobile viewing.

Moving the WHOIS server

At some point, and no one seems to know when or why, the WHOIS server was moved from whois.dotmobiregistry.net, to whois.nic.mobi. When the CEO and founder of security firm watchTowr, Benjamin Harris, discovered this, he purchased the domain and used it to set up an alternate .mobi WHOIS server.

Over the next couple of days, Harris’ doppelganger received millions of queries from hundreds of thousands of systems, including domain registrars, governments, universities, and others.

This allowed him, for example, to dictate who gets TLS certificates.

“Now that we have the ability to issue a TLS/SSL cert for a .mobi domain, we can, in theory, do all sorts of horrible things—ranging from intercepting traffic to impersonating the target server,” Harris said in a technical write-up. “It’s game over for all sorts of threat models at this point. While we are sure some may say we didn’t ‘prove’ we could obtain the certificate, we feel this would’ve been a step too far—so whatever.”

Via Ars Technica

More from TechRadar Pro

https://cdn.mos.cms.futurecdn.net/B73DML5s9XT2asace74Gnd-1200-80.jpg

Source link

Picture this – Gemini streamlines image sharing to AI assistant

Cybertruck’s latest recall reminds us that Tesla is no longer the keeper of our all-electric dreams

Just in time for Black Friday? Samsung may be preparing for launch of 990 Pro successor — PM9E1 SSD is its first PCIe 5.0...

NymVPN | TechRadar

What UK political parties are promising in the 2019 general election

Otto Warmbier’s parents want North Korea to suffer for their son’s death

Could a ‘youthquake’ cause Boris Johnson to lose the general election?

People are driving through flames to escape this California wildfire

New ‘Westworld’ trailer introduces us to another dystopian tech company

What’s the point of ‘Charlie’s Angels’ without Sam Rockwell dancing?

These striking photos capture the future of human flight

‘Heathers’ is still the best dark comedy about high school hell

Trump vs. Harris: How the election will affect EV adoption

Lumwana’s Super Pit Expansion Officially Launched By Investing.com

How Biden could use a 1947 law to suspend the dockworkers’ strike

Why your Roth IRA conversions could have ‘unintended’ tax consequences

The YouTuber who has become one of Gen Z’s most beloved celebrities

26 last-minute holiday gifts that are still thoughtful and unique

Practicing gratitude regularly can make you less stressed and sleep better

8 things millennials wish you would just stop getting them for the holidays

One small tweak gave researchers a powerful web domain ability that could prove incredibly useful for hackers

Picture this – Gemini streamlines image sharing to AI assistant

Cybertruck’s latest recall reminds us that Tesla is no longer the keeper of our all-electric dreams

Just in time for Black Friday? Samsung may be preparing for launch of 990 Pro successor — PM9E1 SSD is its first PCIe 5.0...

NymVPN | TechRadar

Leave a reply Cancel reply