indianajson / can-i-take-over-dns

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

AWS Route 53

libertalialtd opened this issue · comments

Service: AWS Route 53

Status: Not Vulnerable

Nameservers

ns-****.awsdns-**.org
ns-****.awsdns-**.co.uk
ns-***.awsdns-**.com
ns-***.awsdns-**.net

Explanation

AWS Route 53 is no longer vulnerable to DNS takeovers, even when SERVFAIL errors are returned, due to changes by the team that stop takeovers via newly created zones. This has been independently verified.

But can't we match the nameservers on a hit-and-trial basis, deleting and creating a zone until one of the NS matches?

@0xpr4bin This was patched for the most part where AWS won't serve the previously assigned NS pairs. It can happen in a very limited number of scenarios but as far as we are aware this is effectively patched.

Have received a couple of successful NS takeovers over the last week. So I would recommend setting the label back to vulnerable.
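
Since the thread disagrees on whether the provider-side fix is complete, the dependable control is auditing your own delegations. The following is an added example, not code from this issue or the repository: it classifies each domain from the NS names at the parent, the NS set of the hosted zone you own, and the rcode each name server returned. The domains, name-server numbers, the `REFUSED` rcode and the verdict labels are assumptions made for illustration.

```python
import re

# NS name shapes from the issue: ns-<n>.awsdns-<n>.{org,co.uk,com,net}
R53_NS = re.compile(r"^ns-\d{1,4}\.awsdns-\d{1,2}\.(org|co\.uk|com|net)$")
# SERVFAIL is the symptom named in the issue; REFUSED is an added assumption.
LAME_RCODES = {"SERVFAIL", "REFUSED"}

def normalize(name):
    return name.strip().rstrip(".").lower()

def audit(delegation, hosted_zone_ns, rcodes):
    """Classify one domain.
    delegation     -- NS names published at the parent zone
    hosted_zone_ns -- NS names of the hosted zone you own ([] if none exists)
    rcodes         -- {ns_name: rcode} from a SOA query sent to each NS
    """
    r53 = {n for n in map(normalize, delegation) if R53_NS.match(n)}
    if not r53:
        return "not-route53"
    owned = set(map(normalize, hosted_zone_ns))
    seen = {normalize(k): v.upper() for k, v in rcodes.items()}
    lame = {n for n in r53 if seen.get(n) in LAME_RCODES}
    if not owned:
        # No zone of yours behind the delegation: either a zone you do not
        # control is answering, or nothing answers and the record dangles.
        if any(seen.get(n) == "NOERROR" for n in r53):
            return "answered-by-unknown-zone"
        return "dangling" if lame == r53 else "inconclusive"
    if r53 - owned:
        return "mismatch"  # parent lists servers outside your zone's NS set
    return "lame" if lame else "ok"

# Constructed inventory (hypothetical domains and name-server numbers).
A, B, C = "ns-101.awsdns-12.org", "ns-2001.awsdns-58.co.uk", "ns-500.awsdns-10.net"
INVENTORY = {
    "shop.example.com": ([A + ".", B + "."], [], {A: "SERVFAIL", B: "servfail"}),
    "old.example.com":  ([A, B], [], {A: "NOERROR", B: "NOERROR"}),
    "api.example.com":  ([A, C], [A, B], {A: "NOERROR", C: "REFUSED"}),
    "www.example.com":  ([A, B], [A, B], {A: "NOERROR", B: "NOERROR"}),
    "ext.example.com":  (["ns1.example.net"], [], {}),
}

def findings(inventory=INVENTORY):
    return {domain: audit(*record) for domain, record in inventory.items()}

if __name__ == "__main__":
    for domain, verdict in findings().items():
        print(f"{verdict:26}{domain}")
```

A `dangling` or `mismatch` verdict is fixed by removing or correcting the NS records at the parent zone; `answered-by-unknown-zone` means something you do not own is already serving the name.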