點擊新聞
出現一個奇怪的畫面
網頁被指向
http://www.julianhaight.com/msnhack.shtml#newsSubCategory.aspx?newsSubCategoryID=9
Someone at Microsoft messed up.
It looks like they made a typo when entering the dns information for their domain msn.com.tw. Instead of typing dns.cp.msft.net, they entered dns.cpmsft.net. I discovered this while doing some anti-spam research related to dns. I registered the name cpmsft.net, which was previously unused. Now I control one fifth of the visitors and emails to sites at msn.com.tw.
I won't do anything bad with the information I gather, but I am redirecting people here so that the problem will be noticed and fixed. I registered the domain as a proof of concept and out of curiosity.
Don't count on Microsoft for security!
$ dig msn.com.tw @d.twnic.net.tw.
;; QUESTION SECTION:
;msn.com.tw. IN A
;; AUTHORITY SECTION:
msn.com.tw. 86400 IN NS dns1.cp.msft.net.
msn.com.tw. 86400 IN NS dns1.dc.msft.net.
msn.com.tw. 86400 IN NS dns1.tk.msft.net.
msn.com.tw. 86400 IN NS dns3.uk.msft.net.
msn.com.tw. 86400 IN NS dns.cpmsft.net.
