A security leak of Godaddy DNS

It is not only affecting my account. I think it is a security hole for all Godaddy nameserver users. I explain in dettails –

I have more than one Godaddy account. I manage my domains in account A, and a deluxe linux share hosting with account B. The nameservers of mydomain.com are set up in account A using xxx.domaincontrol.com. mydomain.com has a wildcard A record pointing to my dedicated server. However, in account B, I can add a domain like sub.mydomain.com. Then when I ping sub.mydomain.com, it will ping out 68.178.254.179 or 72.167.232.13 (share hosting server). That means sub.mydomain.com override the wildcard A record in account A. In theory, other Godaddy share hosting user can also hijack anyname.mydomain.com to point to an ip address of theirs.

It is very scary, isn’t it? I assume Godaddy did not setup DNS infrastructure correctly.

Leave a Reply

Your email address will not be published. Required fields are marked *