A few weeks ago, Nick Berlette found an exploit on the DynaDot website and posted it on his blog.
Here’s what happened.

DynaDot sends a Cease and Desist to Nick’s hosting provider: screenshot here – link to hosting.

DynaDot sends a notice to GoDaddy, and his account is banned: screenshot here.

DynaDot sends a notice to Digg, his account is banned: (“invalid”), http://www.digg.com/register (check availability on “berlette” taken)

Nic’s blog is back up, post removed:

It’s amazing how far they went. But hey – I’d imagine he messed up their systems pretty bad considering it got to the front page of digg.

Digg this Story!

Tags: dynadot, funnies

Feel free to leave a comment on this post, I'd love to hear your thoughts. Follow me on Twitter, Like JHuskisson.com on Facebook

DynaDot, a registrar of about 55,000 domains, apparently has a very skimpy security system. I was managing a domain of mine when I decided to experiment with the URL. I found that you can get any domain you want, with a few clicks.

Original Link
Digg Link

Seriously… 55,000 domains registered and they have such a fundamental security mistake as this? I could probably feel sorry for them if they had a JavaScript exploit or a 1000 character hack in the URL… but switching the ID number of the registered domain and gaining complete access? That’s just stupidity.

DynaDot coders – for shame.

Tags: dynadot, little things

Feel free to leave a comment on this post, I'd love to hear your thoughts. Follow me on Twitter, Like JHuskisson.com on Facebook