
Mass domain hijacking



If someone suddenly asks you to explain how their domain was taken away from them, do not be surprised. Because of nothing more than outdated information in the registration data, any domain risks becoming a hacker's prey. And with a few useful tools added, dozens of other people's domains can be acquired in an extremely short time!
Video project SocialWare.ru




Boredom puts all sorts of ideas in your head.
So, with nothing better to do, we decided to plan something global and see whether it is possible to get access not to a few domains, but to many at once! And we did it. Hold on recorders!

First of all, we wanted to look at some basic domain statistics: how many each registrar has, how many have been released, and which ones are already taken. But nothing special came of this, and we kept thinking.
After some deliberation, the idea came to sort the domains by mailbox, and then we were onto something. Bingo!
On 1stat.ru/?show=whois you can use features such as a wildcard for a single character or for any number of characters and, most importantly, you can list domains by the owner's email, which is what we used.

We entered the query %mail.ru.
And got the result.
500 domains received (out of 60,000).
Five hundred domains is nice, but as you have already understood, this is not the limit: to increase the number of domains displayed, you just need to register on the site. By the way, their registration is fairly strict; we only managed to register on the second attempt.
After registering, the result grows 10 times!
* 5000 domains obtained.

But however you replace any number of characters, only the first 5 thousand domains still come out. So how can you get the rest of them ...
In general, you can use enumeration and make requests of the form *mail.ru, then **mail.ru and so on until all 60 thousand are collected. Or you can look for ready-made databases. Rumor has it that they are sold (fairly cheaply and absolutely legally) on the site that will be discussed just below.

Just imagine the scale: 60k domains in the mail.ru zone alone, and how many more of them are affected.
Moving on. All of these domain lists need to be put to work.
For this we can use a remarkable feature of this whois service and save the search results in CSV format (saving does not always work; the developers probably made a mistake somewhere). In that case, you can simply select everything and paste it into Excel, which is also an option.

But to our great regret, the contact mailboxes are shown as pictures, and the export from the site simply does not contain that column. But we really, really want to get hold of this list of mailboxes.
Having estimated the possible jackpot, we immediately decided that it was possible to relax a little and buy a program (well, or find alternative solutions).
Epochta whois extractor costs 350 rubles with a discount (to get the 300-ruble discount, you just need to post a message on any blog saying what a cool program it is and provide a link to the support).

I hope you have already understood that, with a list of contact mailboxes for specific domains, the list can be checked for validity, since over time many mailboxes surely become obsolete and are deleted.
Therefore, having learned which mailboxes are free, one can easily register them and use them to restore access to the domain! And some abandoned mailboxes must be tied to a large number of parked and equally abandoned domain names, which may be just waiting for you to become their new owner.
The 1stat.ru database holds almost 2.5 million domains! It's even hard to imagine how many domains can be moved!
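A defensive counterpart to the weakness described above, added here as an example and not part of the original article: an audit of your own domain inventory for contact mailboxes that could lapse and leave a domain recoverable by someone else. The inventory layout, the `FREE_MAIL` set, the one-year threshold and all sample domains and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import date

# Assumption: providers where an unused mailbox can lapse and be registered again.
FREE_MAIL = {"mail.ru"}
# Assumption: policy that every contact mailbox is re-confirmed at least yearly.
MAX_AGE_DAYS = 365

# Constructed sample inventory, as exported from your own registrar accounts:
# (domain, contact email, date the mailbox was last confirmed to be working)
PORTFOLIO = [
    ("shop.example", "ivan1999@mail.ru", date(2006, 3, 1)),
    ("blog.example", "Ivan1999@mail.ru", date(2006, 3, 1)),
    ("corp.example", "hostmaster@ops.example", date(2009, 11, 20)),
    ("news.example", "dns-admin@ops.example", date(2009, 12, 15)),
]

def audit(portfolio, today):
    """Return {domain: [reasons]} for domains whose contact mailbox is a risk."""
    # Group domains by normalized mailbox to see how many depend on each one.
    by_mailbox = defaultdict(list)
    for domain, email, _ in portfolio:
        by_mailbox[email.lower()].append(domain)

    findings = defaultdict(list)
    for domain, email, confirmed in portfolio:
        email = email.lower()
        mail_domain = email.rpartition("@")[2]
        if mail_domain in FREE_MAIL:
            findings[domain].append("contact is on a free mailbox provider")
        if (today - confirmed).days > MAX_AGE_DAYS:
            findings[domain].append(
                "mailbox not confirmed for more than %d days" % MAX_AGE_DAYS)
        if len(by_mailbox[email]) > 1:
            findings[domain].append(
                "mailbox is the recovery address for %d domains"
                % len(by_mailbox[email]))
    return dict(findings)

if __name__ == "__main__":
    for domain, reasons in audit(PORTFOLIO, date(2010, 1, 15)).items():
        print(domain, "->", "; ".join(reasons))
```

Flagged domains should have their contact address moved to a mailbox the organization controls and monitors, and the change confirmed with the registrar.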

And so off we went.
We have already registered an account and made the list of domains.
Now we need that same program, whois extractor, with which we will grab all the contact mailboxes.
Everything is very simple: we insert the list of domains, press the "start" button and then save the result in a convenient format.

Second on the list is our most important process: checking whether each mailbox is taken. To do this, we will use the FreeMail program, written by a person under the nickname Zdez Bil Ya (icq 1414351), for which he deserves special respect.
It is a pity that the program is paid, but the prices do not bite, and, remembering the ultimate goal, we still donate a certain amount for this software, which is very useful in our business.

We load our list of mailboxes from the file.
Note that the list should consist only of the names, without the mail.ru part.
Then we select the zone in which we are going to check them and press "start" again. And then it is however the chips fall. :)

We wait for a while and then rejoice at the result.
Believe me, the number of free mailboxes will make you very happy.
And now the list of email addresses is ready and we move on.

All that remains is to register all the mailboxes and restore access.

But doing it by hand is not our method. We need everything to be as quick and simple as possible. That is why we found Mail.ru Registrator.2.0, which can automate the whole process of registering a large number of mailboxes.

What to do after gaining access to the domain control panel is everyone's own business. But in any case, it is worth thinking in advance about where all these domains should go and how quickly they can be transferred to another registrar (remember the new amendment, which obliges you to submit a scan of your passport).

Well, that's all. As you can see, everything is very simple and a little effort can certainly make good money!

The video features the following programs:
• Excel.
• Epochta whois extractor www.epochta.ru/products/whois (there is a free alternative, more on that later).
• FreeMail 1.2 from Zdez Bil Ya (icq 1414351).
• + a registered account on 1stat.ru (after registering, it returns a longer list of domains, up to 5000 at once)
• + software for mass registration of mailboxes (unless, of course, you want to register all the mailboxes manually).
Well, that seems to be everything. Simple and tasteful)

Where to watch the video:
www.youtube.com/watch?v=7e1bi3y0_Pk ---> without sound.
vimeo.com/socialware
multi-up.com/194868

P.S.
A little about the alternative to the Epochta whois extractor program.
If you look at the links to the pictures of the emails, you will see:
1stat.ru/email.php?e=Zm9tNjhAbWFpbC5ydQ==
1stat.ru/email.php?e=ZG9tYWlub2Z0cmFpZGVyc0BtYWlsLnJ1
1stat.ru/email.php?e=YmVybGx5eUBtYWlsLnJ1

So the value after e= is the email address in base64.
Decoding is simple:
echo base64_decode('Zm9tNjhAbWFpbC5ydQ==');
And we will see: fom68@mail.ru
Similarly with other domains ...

P.P.S.
The authors of the article are GoodGod and morty10.

Source: https://habr.com/ru/post/80360/

