Digital Ocean

Question

Digital Ocean

indianajson opened this issue 3 years ago · 2 comments

indianajson commented 3 years ago

`Service` Digital Ocean

`Status` Vulnerable

`Nameserver`

ns1.digitalocean.com
ns2.digitalocean.com
ns3.digitalocean.com

`Explanation`

To perform a takeover create a new account on Digital Ocean and follow the DNS quick start guide. In short, once inside the Dashboard click on the big green Create button and select Domains/DNS. Enter the vulnerable domain in the form field labeled Enter domain. If the page allows you to create the zone the takeover was successful.

Digital Ocean's vulnerability to DNS takeovers was discussed in detail by Matthew Bryant in 2016 and they are still vulnerable today.

Answer 1 · 2023-02-13T20:48:36.000Z

For anyone wondering, this is still vulnerable in 2023.

Answer 2 · 2024-03-19T21:15:29.000Z

And in 2024, Digital Ocean is still vulnerable.

Service Digital Ocean

Status Vulnerable

Nameserver

Explanation

`Service` Digital Ocean

`Status` Vulnerable

`Nameserver`

`Explanation`