search

EdOverflow / can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Creative Commons Attribution 4.0 International
4.75k stars 706 forks source link

AWS Load Balancer #137

Open nk9 opened 4 years ago

nk9 commented 4 years ago

Service name

AWS Load Balancer looks like "region.elb.amazonaws.com" or "elb.region.amazonaws.com"

Proof

The URLs produced when you create a load balancer contain a number which you can't control, like . Since Amazon assigns that number, you cannot claim an expired domain even if you can claim the "name" (in this case "vw3-production").

Documentation

Configure a Custom Domain Name for Your Classic Load Balancer

fuomag9 commented 4 years ago

So this means that elb cannot be taken over

bsysop commented 4 years ago

I had a good theory, created a engine to do it, invested a good time in that, lost 700$ in AWS costs with multiple accounts. By my calculations it would need 27 years to match with an valid ELB.

Good luck.

fuomag9 commented 4 years ago

I had a good theory, created a engine to do it, invested a good time in that, lost 700$ in AWS costs with multiple accounts. By my calculations it would need 27 years to match with an valid ELB.

Good luck.

as I tought, elb can't been taken over. ec2 ip address on the other hand tho seem more interesting

bsysop commented 4 years ago

I had a good theory, created a engine to do it, invested a good time in that, lost 700$ in AWS costs with multiple accounts. By my calculations it would need 27 years to match with an valid ELB. Good luck.

as I tought, elb can't been taken over. ec2 ip address on the other hand tho seem more interesting

Probably, never tried.

pdelteil commented 3 years ago

I had a good theory, created a engine to do it, invested a good time in that, lost 700$ in AWS costs with multiple accounts. By my calculations it would need 27 years to match with an valid ELB. Good luck.

as I tought, elb can't been taken over. ec2 ip address on the other hand tho seem more interesting

Probably, never tried.

It was fixed recently. You will only get a set of 4 to 5 IPs when you associate and release the IPs. Before you could iterate until receiving the wanted IP.

AnotherWayIn commented 3 years ago

I went down the ec2 IP route a year or two back. I created a script that went through all their IP ranges in about 2 weeks. I found that it eventually it started giving me the same IPs again without giving me any that were available for possible takeover. I guess they have some long lease time on them preventing takeover.

Quantum-Hacker commented 3 months ago

Hey is this elb.amazonaws.com is vulnerable to takeover hah?? please