indianajson / can-i-take-over-dns

"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Dotster

indianajson opened this issue · comments

Service Dotster

Status Vulnerable (w/ purchase)

Nameserver

ns1.dotster.com
ns2.dotster.com
ns1.nameresolve.com
ns2.nameresolve.com

Explanation

Dotster is powered by Domain.com, which means creating a zone on Domain.com also creates a zone on Dotster (and vice versa). For example, 4orty3.net uses Dotster's DNS, however ns1.domain.com will resolve all records for 4orty3.net.

Per Domain.com's Knowledge Base you can add external domains if you have an existing account or if you purchase something (like hosting). Thus, to perform a takeover on Dotster, I recommend you get an account on Domain.com (buy something cheap and cancel) then add the zones to Domain.com (which will activate the zone on Dotster).

Since Dotster also owns 000domains.com creating a zone on Dotster will active a zone automatically on 000domains.com's DNS.

Needs Verification? Yes

While the documentation supports the belief that takeover is possible and their system uses the same backend as Bizland and MyDomain (which are vulnerable). We do need someone to verify that takeover is possible.