We Spent $20 To Achieve RCE And Accidentally Became The Admins Of .MOBI
We recently performed research that started off “well-intentioned” (or as well-intentioned as we ever are) – to make vulnerabilities in WHOIS clients and how they parse responses from WHOIS servers exploitable in the real world (i.e. without needing to MITM etc).
We hope you’ve enjoyed (and/or been terrified by) today’s post, in which we took control of a chunk of the Internet’s infrastructure, opened up a big slab of juicy attack surface, and found a neat way of undermining TLS/SSL – the fundamental protocol that allows for secure communication on the web.
We want to thank the UK’s NCSC and the ShadowServer Foundation for rapidly working with us ahead of the release of this research to ensure that the ‘dotmobiregistry.net’ domain is suitably handled going forwards, and that a process is put in place to notify affected parties.