MoinQ:

/value-domain

1. 登録

debiru_Rさんが実験用に登録されたドメイン名です。-- ToshinoriMaeno 2022-03-02 23:31:02

レジストラはvalue-domainだそうです。

2. whois

Domain Name: lavoscore.work
Registry Domain ID: DA6EA09E9D70D4B0CB2D3ED5FC5A1D034-GDREG
Registrar WHOIS Server: whois.discount-domain.com
Registrar URL: whois.discount-domain.com
Updated Date: 2022-03-02T12:28:01Z
Creation Date: 2022-03-02T04:26:50Z
Registry Expiry Date: 2023-03-02T04:26:50Z
Registrar: GMO Internet, Inc. d/b/a Onamae.com

Name Server: ns1.value-domain.com
Name Server: ns2.value-domain.com
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of WHOIS database: 2022-03-02T12:39:46Z <<<

3. 乗取

www.lavoscore.work.     3600    IN      TXT     "tmaeno-www"

www.lavoscore.work.     3600    IN      SOA     ns1.value-domain.com. hostmaster.www.lavoscore.work. 2022030213 3600 900 604800 3600

4. history

https://priv.lavoscore.org/20220302/ 錠つき

自身が管理する www\.lavoscore.work が第三者に乗っ取られた、
というストーリーで脆弱性があることを説明してIPAに届出を行いました。
debiru_R / coeurl
昨日、午後6:20  2022-03-02)

value-domain側でもアラートが鳴ったようで、次の日には修正されていた。

5. www 乗取り

$ dig -t any www.lavoscore.work @ns1.value-domain.com

; <<>> DiG 9.16.1-Ubuntu <<>> -t any www.lavoscore.work @ns1.value-domain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5917
;; flags: qr aa rd; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 5
;; WARNING: recursion requested but not available

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1680
; NSID: 6e 73 31 2e 76 61 6c 75 65 2d 64 6f 6d 61 69 6e 2e 63 6f 6d ("ns1.value-domain.com")
;; QUESTION SECTION:
;www.lavoscore.work.            IN      ANY

;; ANSWER SECTION:
www.lavoscore.work.     3600    IN      TXT     "tmaeno-www"
www.lavoscore.work.     3600    IN      NS      ns1.value-domain.com.
www.lavoscore.work.     3600    IN      NS      ns2.value-domain.com.
www.lavoscore.work.     3600    IN      SOA     ns1.value-domain.com. hostmaster.www.lavoscore.work. 2022030213 3600 900 604800 3600

;; ADDITIONAL SECTION:
ns1.value-domain.com.   1200    IN      A       54.65.150.1
ns1.value-domain.com.   1200    IN      AAAA    2406:da14:55b:f2a1:fe58:d51e:b42e:476d
ns2.value-domain.com.   1200    IN      A       54.64.110.166
ns2.value-domain.com.   1200    IN      AAAA    2406:da14:55b:f2c1:67c2:eaee:3247:5af2

;; Query time: 12 msec
;; SERVER: 54.65.150.1#53(54.65.150.1)
;; WHEN: 木  3月 03 15:07:40 JST 2022
;; MSG SIZE  rcvd: 281


CategoryDns CategoryWatch CategoryTemplate

MoinQ: DNS/設定/演習/lavoscore.work (last edited 2022-04-12 06:43:22 by ToshinoriMaeno)