18/06/09 21:28:13.35 n+GDsSuf.net
www.000webhost.com,CNAME,saitama-9705.herokussl.com.
members.000webhost.com,CNAME,saitama-9705.herokussl.com.
new.000webhost.com,CNAME,saitama-9705.herokussl.com.
affiliates.000webhost.com,CNAME,saitama-9705.herokussl.com.
So obviously out of sheer curiosity I visit saitama-9705.herokussl.com
"Heroku | No such app"
There is no app configured at that hostname."
So I decided to dig around (pun intended)
dig ns www.000webhost.com
[+] RESULTS [+]
;; ANSWER SECTION:
www.000webhost.com. 568 IN CNAME saitama-9705.herokussl.com.
saitama-9705.herokussl.com. 405 IN CNAME elb074996-249621923.us-east-1.elb.amazonaws.com.
dig ns members.000webhost.com
[+] RESULTS [+]
;; ANSWER SECTION:
members.000webhost.com. 600 IN CNAME saitama-9705.herokussl.com.
saitama-9705.herokussl.com. 333 IN CNAME elb074996-249621923.us-east-1.elb.amazonaws.com.
dig ns affiliates.000webhost.com
[+] RESULTS [+]
;; ANSWER SECTION:
affiliates.000webhost.com. 14400 IN CNAME saitama-9705.herokussl.com.
saitama-9705.herokussl.com. 202 IN CNAME elb074996-249621923.us-east-1.elb.amazonaws.com.
Um, I'm not 100% sure, but can't a misconfigured CNAME lead to DNS Hijacking which could lead to many many other possibilities...?
I registered URLリンク(saitama-9705.herokuapp.com) however don't have money to buy pay for the SSL and haven't looked into it that much since I've never used Heroku before.
I'm not super familiar with DNS Hijacking, but can't a misconfigured CNAME lead to it?
What do you guys think?
Thanks, 👀
Rock54: Caution(BBR-MD5:b95868ef2c0ed5e765a4d10ada4cf289)