hi mate tell me yes bro its me what s ur name Francisco nice to meet you and you, what is your name man, and where are you from and why you want speak with a poor man like me i m reda and i m from morocco where are you from N ? because we are the same ? i love security i was hacker nice, and where did you found my mail in ur web, checking some articles aha, you dont have any webpage? it was and i take it down we were wanted where are you from ? mexico hmm i see i have good friends fromp mexico do you know status-x no he was a defacer i dont know scriptkiddies, sorry yeah i see what do you can do ? what? did u code some exploit ? are you here yes good and you? dont have any published i was wanted a redirect the google.de dns ? The Inquirer BE : DNS hacking veranderde Google.de en zone-h.org weg i was testing a query dns under google dns i find there is a privilge to escalate it accept quary they fix it quary? i dont understand anything dns query # Host -l www.google.de ns1.redirect.com the fist thing i get 5(accepted) now it : 5 (REFUSED) are u with me bro wait ok sorry i dont understand nothing damn, what the fuck ok ok bro you change named.conf or what i see This function allows remote users to modify and create delete DNS records. changes DNS recordS x ah!! u used 514 tool ? and my own technic yeah all and what's your own technic DNS Query to dns implementation of the regional transmission can you show me ? if dns not set correctly we can change it like wait # host -l google.de ns1.page2.com if u see 5(REFUSED) ur quary not accepted the dns set up well i did it in google.de and its changed lolzzzzzzzzz that was a test then in the morning i saw news writing articles lolzzzzzzzzzzzz man you dont know what are you doing yes bro yeah i know you know what does host -l ? yes bro sure? yes bro then, what the fuck about page2.com this is not the dns of google.de and you are doing nothing running host -l with page2.com i know i want just give u a test but it success bro in google do you belive me ? yes, i believe you but i think you are lucky with google.de yeah lucky and you only run the tool without knowning what are you doing but not ur tools i was testing some commands yeah bro what commands linux and NT commands can you be more specific? ok ok bro firstly i discovred that dns give leaking information AXFR is a vulnerability, right but you dont exploit this, you only take information with it yeah i see bro whats the bug in AXFR ? i will be back later ok bro i see take ur time [root@dns1 logs]# grep "20/Jul" access_log.processed | grep dnsfun.exe 196.217.222.196 - - [20/Jul/2007:18:53:34 +0200] "GET /dnsfun.exe HTTP/1.1" 200 36864 "http://www.514.es/2007/03/explotando_actualizaciones_din.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" [root@dns1 logs]# jwhois 196.217.222.196 | less [Querying whois.arin.net] [Redirected to whois.afrinic.net] [Querying whois.afrinic.net] [whois.afrinic.net] % This is the AfriNIC Whois server. % Note: this output has been filtered. % Information related to '196.217.192.0 - 196.217.223.255' inetnum: 196.217.192.0 - 196.217.223.255 netname: IAM descr: ADSL subscriber - Casa and south morocoo country: MA admin-c: OA78-AFRINIC tech-c: em1685-AFRINIC status: ASSIGNED PA mnt-by: ONPT-MNT source: AFRINIC # Filtered parent: 196.217.0.0 - 196.217.255.255