How To Hack Domain Names


In this post I will tell you about how the domain names are hacked and how they can be protected. The act of hacking domain names is commonly known as Domain Hijacking. For most of you, the term “domain hijacking” may seem to be like an alien. So let me first tell you what domain hijacking is all about.

Domain hijacking is a process by which Internet Domain Names are stolen from it’s legitimate owners. Domain hijacking is also known as domain theft. Before we can proceed to know how to hijack domain names, it is necessary to understand how the domain names operate and how they get associated with a particular web server (website).


The operation of domain name is as follows

Any website say for example gohacking.com consists of two parts. The domain name (gohacking.com) and the web hosting server where the files of the website are actually hosted. In reality, the domain name and the web hosting server (web server) are two different parts and hence they must be integrated before a website can operate successfully. The integration of domain name with the web hosting server is done as follows.

1. After registering a new domain name, we get a control panel where in we can have a full control of the domain.

2. From this domain control panel, we point our domain name to the web server where the website’s files are actually hosted.

For a clear understanding let me take up a small example.

John registers a new domain “abc.com” from an X domain registration company. He also purchases a hosting plan from Y hosting company. He uploads all of his files (.html, .php, javascripts etc.) to his web server (at Y). From the domain control panel (of X) he configures his domain name “abc.com” to point to his web server (of Y). Now whenever an Internet user types “abc.com”, the domain name “abc.com” is resolved to the target web server and the web page is displayed. This is how a website actually works.


What happens when a domain is hijacked

Now let’s see what happens when a domain name is hijacked. To hijack a domain name you just need to get access to the domain control panel and point the domain name to some other web server other than the original one. So to hijack a domain you need not gain access to the target web server.

For example, a hacker gets access to the domain control panel of “abc.com”. From here the hacker re-configures the domain name to point it to some other web server (Z). Now whenever an Internet user tries to access “abc.com” he is taken to the hacker’s website (Z) and not to John’s original site (Y).

In this case the John’s domain name (abc.com) is said to be hijacked.


How the domain names are hijacked

To hijack a domain name, it’s necessary to gain access to the domain control panel of the target domain. For this you need the following ingredients

1. The domain registrar name for the target domain.

2. The administrative email address associated with the target domain.

These information can be obtained by accessing the WHOIS data of the target domain. To get access the WHOIS data, goto whois.domaintools.com, enter the target domain name and click on Lookup. Once the whois data is loaded, scroll down and you’ll see Whois Record. Under this you’ll get the “Administrative contact email address”.

To get the domain registrar name, look for something like this under the Whois Record. “Registration Service Provided By: XYZ Company”. Here XYZ Company is the domain registrar. In case if you don’t find this, then scroll up and you’ll see ICANN Registrar under the “Registry Data”. In this case, the ICANN registrar is the actual domain registrar.

The administrative email address associated with the domain is the backdoor to hijack the domain name. It is the key to unlock the domain control panel. So to take full control of the domain, the hacker will hack the administrative email associated with it. Email hacking has been discussed in my previous post how to hack an email account.

Once the hacker take full control of this email account, he will visit the domain registrar’s website and click on forgot password in the login page. There he will be asked to enter either the domain name or the administrative email address to initiate the password reset process. Once this is done all the details to reset the password will be sent to the administrative email address. Since the hacker has the access to this email account he can easily reset the password of domain control panel. After resetting the password, he logs into the control panel with the new password and from there he can hijack the domain within minutes.


How to protect the domain name from being hijacked

The best way to protect the domain name is to protect the administrative email account associated with the domain. If you loose this email account, you loose your domain. So refer my previous post on how to protect your email account from being hacked. Another best way to protect your domain is to go for private domain registration. When you register a domain name using the private registration option, all your personal details such as your name, address, phone and administrative email address are hidden from the public. So when a hacker performs a WHOIS lookup for you domain name, he will not be able to find your name, phone and administrative email address. So the private registration provides an extra security and protects your privacy. Private domain registration costs a bit extra amount but is really worth for it’s advantages. Every domain registrar provides an option to go for private registration, so when you purchase a new domain make sure that you select the private registration option.

Popularity: 6% [?]
6 comments
Labels:

How to Hack Using Key logger


1. What is a keylogger?It can be downloaded from this link-"http://http://sniperspy.en.softonic.com/download"
A keylogger, sometimes called a keystroke logger, key logger, or system monitor, is a
small program that monitors each keystroke a user types on a specific computer’s
keyboard. Using a keylogger is the easiest way to hack an email account. A keylogger
program can be installed just in a few seconds and once installed you are only a step
away from getting the victim’s password.
2. Where is the keylogger program available?
A keylogger program is widely available on the internet. Some of the best ones are listed
below
SniperSpy
Win-Spy
Lost Door
3. How to install it?
You can install these keyloggers just as any other program but these things you keep in mind. While installing, it asks you to set a secret password and a hot key
combination. This is because, after installation the keylogger program is completely
hidden and the victim can no way identify it. So, you need the Hot Key combination and
secret password to later unhide the keylogger.
4. Once installed how to get password from it?
The hacker can open the keylogger program by just pressing the hot keys (which is set
during installation) and enter the password. Now it shows the logs containing every
keystroke of the user,where it was pressed, at what time, including screenshots of the
activities. These logs contain the password of the victim’s email account.
5. I don’t have physical access to the victim’s target computer, what can I do?
It doesn’t matter whether or not you have physical access to the victim’s computer.
Because keyloggers like SniperSpy and Win-Spy offers Remote Installation Feature.
With this feature it is possible to remotely install the keylogger on the victim’s PC.
You can attach the keylogger with any file such as image, MS excel file or other
programs and send it to the victim via email. When the victim runs the file, it will
automatically get installed without his knowledge and start recording every activity on
his computer. These activities are sent to you by the keylogger software via email or FTP.
6. Can the victim come to know about the presence of the keylogger on his/her PC?
No, the keylogger runs in total stealth mode and there is no way he/she can identify it’s
presence on the computer.
7. How can a keylogger hack the Email password?
Hacking an email password using keylogger is as simple as this: You install the
keylogger on a Remote PC (or on your local PC). The victim is unaware of the presence
of the keylogger on his computer. As usual, he logs into his Email account by typing the
username and password. This username and password is recorded and sent to you via
Email. Now you have the password of your target email account.
In case if you install the keylogger on your local PC, you can obtain the recorded email
password just by unhiding the keylogger program (use your hot key and password to
unhide).
8. Which Keylogger is the best?
Both the keyloggers mentioned above are the best for email hacking. However
SniperSpy has got a slightly better advantage over WinSpy. These are some of the
advantages of SniperSpy over Win-Spy.
Sniper Spy is more reliable than Win-Spy since the logs sent will be received and hosted
by SniperSpy servers. You need not rely on your email account to receive the logs.
SniperSpy offers better support than WinSpy.
SniperSpy has got recognition from media such as CNN, BBC, CBS, Digit etc. Hence it
is more reputed and trustworthy.
18 comments
Labels:
 
Copyright (c) 2010 Sky Net. Design by WPThemes Expert

Themes By Buy My Themes and Web Design.