From the mind of Jamie Huskisson: From a freelance UK PHP developer, to managing director, to lead developer

Fundamental mistake at DynaDot - Gain Access to Domains at DynaDot!

Posted on January 14th, 2007 in ,

DynaDot, a registrar of about 55,000 domains, apparently has a very skimpy security system. I was managing a domain of mine when I decided to experiment with the URL. I found that you can get any domain you want, with a few clicks.

Original Link
Digg Link

Seriously… 55,000 domains registered and they have such a fundamental security mistake as this? I could probably feel sorry for them if they had a JavaScript exploit or a 1000 character hack in the URL… but switching the ID number of the registered domain and gaining complete access? That’s just stupidity.

DynaDot coders - for shame.

There is 1 response to this post so far

Feel free to use any of the following tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>