Enjoy unlimited access to all forum features for FREE! Optional upgrade available for extra perks.

New Nominet drop catching flaw exposed

Discussion in 'Drop catching Domain Names' started by Hay, Sep 21, 2020.

Thread Status:
Not open for further replies.
  1. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    On 20/09/2020 i contacted Nominet via email to report a flaw being used by "multiple" people to catch domains...

    it would appear certain people are not just "Abusing" the flaw but "Abusing" it to the extent that is causing large amounts of traffic on nominets network in a way that its not designed to handle and for that reason im going to expose the flaw so nominet fix the issue as quickly as possible and put a stop to the greedy bastard(s) that want to play hard ball!
     
    • Like Like x 6
    • Informative Informative x 1
    Last edited: Sep 22, 2020
  2. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    PS: (You know who you are and you know i know who you are)
     
    • Like Like x 1
  3. signature

    signature Well-Known Member

    Joined:
    Nov 2013
    Posts:
    2,455
    Likes Received:
    103
    Wao, how is this a thing? Nominet needs to get a grip or the security and integrity of their platform.
     
  4. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    Yeah they might be pissed off with me for exposing it but they will thank me in the long run for all the traffic and abuse they save :)

    Those individual(s) im talking about know who they are and they are fully aware i know who they are.

    I've also found code belonging to these individual(s) in an unprotected repository which contains TAGS, Usernames and Passwords which can be sent to Nom along with the screenshots...
     
    • Winner Winner x 2
    • Like Like x 1
    Last edited: Sep 22, 2020
  5. cyberpunk United Kingdom

    cyberpunk Active Member

    Joined:
    Jul 2019
    Posts:
    151
    Likes Received:
    28
    I reckon Nominet will offer you a job soon @Hay
     
  6. signature

    signature Well-Known Member

    Joined:
    Nov 2013
    Posts:
    2,455
    Likes Received:
    103
    I hope they get a grip of their system.
     
  7. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    I hope Nominet change it to where you just buy batches of EPP and all domains are dropped at the same time which will render flaws and multi taggers useless
     
    Last edited: Sep 22, 2020
  8. ian

    ian Well-Known Member

    Joined:
    Jan 2008
    Posts:
    4,156
    Likes Received:
    316
    Bring it up in the annual general meeting (or whatever they call their pat on the back tea party) tomorrow?
     
  9. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    @ian - What so everyone else can take the piss before they patch it?
     
    Last edited: Sep 22, 2020
  10. ian

    ian Well-Known Member

    Joined:
    Jan 2008
    Posts:
    4,156
    Likes Received:
    316
    I meant more so they don't sweep it under the carpet as usual. If you tell the board in front of members, it will be minuted, logged, and will need them to deliver action. I get what you are saying about not wishing others to use it though, wasn't thinking about it that way.
     
    • Like Like x 1
  11. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    @ian - Ive sent them all the info in the email
     
    Last edited: Sep 22, 2020
  12. ian

    ian Well-Known Member

    Joined:
    Jan 2008
    Posts:
    4,156
    Likes Received:
    316
    But Ben, if you stop them, who will there be left for you to compete with lol :D:D:D
     
    • Funny Funny x 2
  13. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    @ian - the other 999999 tags :)
     
    • Agree Agree x 1
    Last edited: Sep 22, 2020
  14. 3gmedia

    3gmedia Active Member

    Joined:
    Sep 2017
    Posts:
    531
    Likes Received:
    101
    So has this been happening with latest ror

    I did notice that some premium domains had been caught by past active members

    Very interesting
     
    • Like Like x 1
  15. Hay

    Hay Active Member

    Joined:
    Jul 2019
    Posts:
    384
    Likes Received:
    97
    For the record... Anyone that thinks im talking about "Rob" im not... its nothing to do with him as far as im aware.
     
    • Like Like x 1
  16. lazarus

    lazarus Super Moderator Staff Member

    Joined:
    Feb 2013
    Posts:
    1,485
    Likes Received:
    409
    • Like Like x 2
    • Funny Funny x 1
  17. DJ

    DJ Well-Known Member

    Joined:
    Jul 2019
    Posts:
    1,792
    Likes Received:
    204
    Glad you posted this as I've bought a fair few on UKBO over the last couple of weeks. Phew....
     
    • Like Like x 1
  18. I tell you what it's days like this that I'm happy I've been so poor at finding flaws over the years.
     
  19. isurveyor United Kingdom

    isurveyor Active Member

    Joined:
    Jun 2013
    Posts:
    194
    Likes Received:
    10
    Me too, would not know a flaw if I tripped over it. I like to keep my feet on the ground....
     
  20. Why is this thread so quiet? :)
     
    • Funny Funny x 1
Thread Status:
Not open for further replies.