[EXPLOITS] DNS Hijacking


DNS Hijacking with 000webhost and Afraid

Required:
  • 000webhost account
  • Afraid.org account
Steps:
000Webhost
     -Login to your account.
     -At List of your Domains , click on Go to CPanel
 
     -Scroll down and click on File Manager
 
     -Upload your deface script as index.php into the public_html folder
    -Do not forget to delete .htaccess and default.php
Afraid.Org
    -Once you have login, click on Subdomain and Add a subdomain
 
    -You will see a form, choose Many many more available
 
    -Now click on Shared Domain Registry
     -You will see a lot of domain. You can pick any site as target, or search for specific target such as .gov,.edu and more.
 
    -After that, you will get Add a subdomain form. Fill the form as below and save.
    -If success, you will see something like this
 
000webhost
     -Go to Parked Domain
 
    -Paste your target in the textbox and click on Park Domain
 
    -That's all! Now go to your target URL and check if it's defaced. It needs a few minutes to make changes. If the site still not available, try another. :)