Hacking root EPP servers to take control of zones

A group of researchers recently investigated the security of ccTLD/TLD registries globally and succeeded in taking control of the DNS zones of 20 ccTLDs by exploiting vulnerabilities in the underlying protocols and web applications that run registries on the internet. The registry manages all the domains registered within its zone and provides the functionality that registrars use when they talk to it; the registrar is the middleman between the consumer and the registry. The researchers were able to exploit CoCCA Registry Software, which many ccTLDs use, run by small teams or outsourced to private individuals, and found that a large number of EPP servers were vulnerable to a simple XXE attack.
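EPP frames are XML (RFC 5730) and never need a DTD, so a server can refuse any frame that carries a DOCTYPE declaration before entity handling is ever reached. The sketch below is an added example, not code from the researchers or from CoCCA; the names `classify_epp_frame` and `RejectedFrame` and both sample frames are constructed for illustration.

```python
import xml.parsers.expat as expat

EPP_NS = "urn:ietf:params:xml:ns:epp-1.0"  # EPP namespace defined in RFC 5730


class RejectedFrame(ValueError):
    """Raised when an EPP frame must not be processed (hypothetical name)."""


def classify_epp_frame(frame: bytes) -> str:
    """Return e.g. 'hello' or 'command/check', or raise RejectedFrame."""
    parser = expat.ParserCreate(namespace_separator=" ")
    path, verb = [], []

    def on_doctype(name, sysid, pubid, has_internal_subset):
        # Fires at "<!DOCTYPE", before any entity is declared or expanded.
        # Refusing here removes the entity machinery that XXE depends on.
        raise RejectedFrame("DOCTYPE declaration in EPP frame")

    def on_start(name, attrs):
        ns, _, local = name.rpartition(" ")
        path.append(local)
        if len(path) == 1 and (ns, local) != (EPP_NS, "epp"):
            raise RejectedFrame("root element is not <epp>")
        # Record the first child of <epp>, then that element's first child.
        if len(path) == len(verb) + 2 and len(path) <= 3:
            verb.append(local)

    def on_end(name):
        path.pop()

    parser.StartDoctypeDeclHandler = on_doctype
    parser.StartElementHandler = on_start
    parser.EndElementHandler = on_end
    try:
        parser.Parse(frame, True)
    except expat.ExpatError as exc:
        raise RejectedFrame(f"malformed XML: {exc}") from exc
    return "/".join(verb)


# Constructed sample frames (not captured traffic).
CHECK_FRAME = (b'<?xml version="1.0" encoding="UTF-8"?>'
               b'<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"><command><check>'
               b'<domain:check xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">'
               b'<domain:name>example.test</domain:name></domain:check>'
               b'</check><clTRID>ABC-12345</clTRID></command></epp>')
DTD_FRAME = (b'<?xml version="1.0"?><!DOCTYPE epp [<!ENTITY x "constructed">]>'
             b'<epp xmlns="urn:ietf:params:xml:ns:epp-1.0"><hello/></epp>')
```

The same policy applies to whatever XML parser a registry actually uses: disable DTD processing outright rather than trying to filter individual entity declarations.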


