0

So I recently learned about domain name locking after having found the *.co domains of a top web site weren’t protected against server and client updating/transfering. (while the .co tld offers all registrar locking protections)

As the answer of that question wasn’t descriptive on wheather this depict a real threat, I finally reported the issue to their security team (plus an another bug that might enable to perform the theft from their own registrar website).

However, came up the killer’s question from their part :how would it be possible to update contact details ?
I don’t have even an idea of the involved protocols in such registrar transferring…

Community
  • 1
user2284570
  • 1,402
  • 1
  • 14
  • 33
  • 1
    Historically? Fax. This is modern day, though, so I've no doubt people are doing it via tumblr or flickr or something else with no e. – gowenfawr Feb 02 '16 at 15:26
  • @gowenfawr of course the aim is to answer the security team question's. – user2284570 Feb 02 '16 at 15:27
  • then the answer is "social engineering and alternate channels" (which is what I said, but with less flippancy). Unfortunately, I can't make it descriptive, so it's a comment not an answer. – gowenfawr Feb 02 '16 at 15:30
  • @gowenfawr ok but what i need is to understand the technial part, so I can understand what would differ from doing the same with a protection. Because social engineering targetting who: the current registrar staff? – user2284570 Feb 02 '16 at 15:36
  • 1
    For your homework, assess the weaknesses of this process: [Register.com Email Address Change Form](http://www.register.com/policy/forms/change_email_form.rcmx) – gowenfawr Feb 02 '16 at 15:36
  • @gowenfawr : I don’t understand. Today many registrars performs things automatically. So for the current case, I can’t see the usecase of clientUpdateProhibited with Markmonitor, and in the meantime, MarkMonitor steal provide this as an option. There are even web‑based systems for automatic unlocked domain name transferring *(no human involved between registrars)*. I’m also really confused with this sentence I found`Completely locked domains cannot be modified using standard network protocols.`. Still thank you for keeping trying to explain things. – user2284570 Feb 03 '16 at 20:20

0 Answers0