search

indianajson / can-i-take-over-dns

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
758 stars 78 forks source link

DNSimple #16

Open indianajson opened 3 years ago

indianajson commented 3 years ago

Service DNSimple

Status Vulnerable

Nameserver

ns1.dnsimple.com ns2.dnsimple.com ns3.dnsimple.com ns4.dnsimple.com

Explanation

You can sign up for a free account on DNSimple. After creating your account go to Domains and click Add Domains. If you are able to create a zone for the vulnerable domain then takeover is possible. REMEMBER, the zone will not function until you start a 30-day trial with DNSimple, which requires a credit card on file.

False Positives

DNSimple can produce false positives because a domain can be in an account where the account owner's payment method has expired, thus the domain will not resolve (i.e. shows a DNS SERVFAIL error), but cannot be added to your account.

dadsgone0 commented 8 months ago

I'm getting "*.example.com matches a reserved subdomain"

indianajson commented 7 months ago

@dadsgone0 Please see the updated "False Positives" section of this issue. :)

dadsgone0 commented 7 months ago

So their domain will not resolve because their payment method is bad, but it cannot be taken over? How is it a false positive then if it can't be taken over? Am i just having a total brain-fart?

indianajson commented 7 months ago

@dadsgone0 It's a false positive because the way to identify vulnerable domains is if they return a SERVFAIL error. In this case, even though the domain returned the proper error code (indicating it was vulnerable) the domain is actually not vulnerable because it's already in someone's account, (i.e. we thought it was vulnerable but it was a "false positive").

dadsgone0 commented 7 months ago

Okay, I understand now. Thank you.

On Sat, Nov 11, 2023, 12:39 PM Indiana JSON @.***> wrote:

@dadsgone0 https://github.com/dadsgone0 It's a false positive because the way to identify vulnerable domains is if they return a SERVFAIL error. In this case, even though the domain returned the proper error code (indicating it was vulnerable) the domain is actually not vulnerable because it's already in someone's account, (i.e. we thought it was vulnerable but it was a "false positive").

— Reply to this email directly, view it on GitHub https://github.com/indianajson/can-i-take-over-dns/issues/16#issuecomment-1806887912, or unsubscribe https://github.com/notifications/unsubscribe-auth/AUDPSQ6MOONEDO6VSTD4QWTYD7A63AVCNFSM46LEUJZKU5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOBQGY4DQNZZGEZA . You are receiving this because you were mentioned.Message ID: @.***>