joohoi
joohoi is a seasoned hacker with over two decades of experience in the fields of software development and information security. He is recognized for his significant contributions to the open-source community, notably his work on acme-dns, ffuf, and certbot.
Session
08-08
19:00
50min
Flipping Bits: Your Credentials Are Certainly Mine
STÖK, joohoi
Did you know that if you change a single bit from 1 to 0 (or vice versa) in the first 'g' of the domain name google.com (which is 01100111 in binary), you will end up with a variety of valid "bitflip" domains like coogle.com, oogle.com, & woogle.com?
So what happens if you generate and register a bunch of cheap bitflipped versions of popular cloud / SaaS provider domains, point them to your VPS, log all incoming requests & then forget about the whole thing for two years?
Hacking
Andromeda