You can now find Cyber Kendra on Google News!

GoDaddy CSRF Vulnerability Allows Domain Takeover

GoDaddy CSRF Vulnerability Allows Domain Takeover, GoDaddy Vulnerability Allows Domain Hijacking, Vulnerability on Godaddy, Vulnerability on domain registrar, GoDaddy vulnerability, hacking GoDaddy
One of the most popular Domain registrar and web hosting provider firm 'Godaddy' have patched a critical Cross Site Request Forgery (CSRF) vulnerability, which allow any attacker or hacker to hijack any domain registered with Godaddy.

A security researcher Dylan Saccomanni, have reported the CSRF vulnerability to Godaddy and domain registrar have patched the vulnerability within 24 hours. Saccomanni wrote in his blog post that while managing one old domain which was registered in Godaddy, he came across the bug. He found that there was no protection against the CSRF vulnerability on many of the DNS management actions.

Cross-Site Request Forgery (CSRF) is a method of attacking a website in which an attacker need to convince the victim to click on a specially crafted HTML exploit page that will make a request to the vulnerable website on their behalf.

To exploit the vulnerability attacker just have add some Social Engineering tricks and make any of the users of Godaddy to click on the attacker designed webpage. This the sucussfull exploitation of the vulnerability leads take complete control over the victim domains, can change DNS, disable auto-renew features of all registered domains. 

"They don’t need sensitive information about the victim’s account, either – for auto-renew and nameservers, you don’t need to know anything." -he wrote "For DNS record management, all you need to know is the domain name of the DNS records."
 Initially it was quite hard to reach Godaddy team say Saccomanni. He had tried to contact Godaddy from numbers of email and also with Support portal, but at last he got helped from the Godaddy's twitter account. 

Post a Comment