Maintained by: NLnet Labs

[Unbound-users] signed .com domain ?

Roy Arends
Fri Apr 1 16:09:11 CEST 2011


On Apr 1, 2011, at 1:45 PM, Andreas Schulze wrote:

> hi,
> 
> anybody knows a signed .com domain ?
> I would like to know it for testing ...

Hi Andreas, 

Nominet's research team developed a method to do a pre-image attack after walking the NSEC3 chain in the com zone, regardless of hash-iterations used. The result after the first run, recovered the following names from their hashes (apologies for the arcane output):

4orz 76gigs a-jwebhost accesshabersham ahhpesss ammascan aqarategypt arawebhosting arkaemis avicenne-city background-checks-systems bancobpd bearriverwebdesign borntoridedvd boss-university businesspalz buzzdoug buzzmath cacert camelotblues candlelynn canyoneeringdvd capturedonearth capturedonearthphotography cednocon cedricnocon cfxmusic chainzombies chaw cliktraks co-parentplan co-parentplanner codywrightdvd commandfive coparentplan coparentplanner countryday crkandassociates crksolutions cynexis danmahoney dephiendai derektrauger descrufust descrufustmerchandising devoer dnspython dnssec-or-not dnssek dnsserves domainscheaper downcrown dydns e-business1 easyroyaltiesusa econtadores efectogia egywebsite euphoricecstasy euphoricpleasure evdhosting exanames familiagia farbeyondcode forumom frantapia fullwormage fuseeasyquilts galerarockbar godofswords gtconceptsinc gtldomain heavymetalblades heavymetaldefense heroeditions i-ngenieros ibadancer infoblox inhighcottonmall internationalpageantproductions iowaballetacademy iphoneperformance jasadvisors jasperlentjes jimjonespainter jobpoint keboola kiwicomputersolutions knightofknives krabivilla life-gone-hazy likejournal lilycate liveprodt lotbrowser madcatbailbonds masterofswords meatloafninja mgtowforum mgtowforums milesbrightonjaffe mindframe miprlog miracleatkapyong misr-online mpengng myadsclassified mybatteryplace myknifecentral myknifedepot myknivesstore myswordcentral mysworddepot myswordstore mythiccollectables mythiccollectibles natparksplace netfixers netlinxinc offerdogg oztrack oztracktuning parkcityrocks patchwork-entertainment patchworkentertainment petworldlee phonelogon pigpoet play-bow playbow prescottintegrityaccounting protech-unlimited purplekisscouture pw-ent quantnet realtyontop rellim renskewognum reputemall riskintel sanibar saricha sbwebonline scolab sddsm sextasypleasure sharedlists sharongabaree snipey spacespike springlakeumc stellaandfriendsstore stephenvinson stockblocks synertechpm tennisrungs thaivilla thecookbookpantry thedefensemaster thekuvera themerds themirch thetigerseyes thirdeyedreams thirdeyesales thirdeyesupply tibercreek tibercreekrx timgabaree tracklings tradiart transfer-egypt truetigerdefense truetigereyes truetigermedia truetigerproperties truetigersales truetigerwebdesign twipv6 twoinfinites tyeb ungkonsument uniperu ushouserefinance usnewsreal utahshakespeareanfestival utahshakespearefestival verisignlabs viantseries virtuefaction vividlucidity weaponmania wereid wesellcrazystuff wmthackeray ws6z xelerance ximenatapia xwaylab yamya zappowappy zhenggardenframingham

For an exact description of our pre-image attack algorithm, please see: http://bit.ly/Wle7

Kind regards,

Roy Arends
Head of Research
Nominet UK



> 
> Thanks & nice weekend.
> Andreas
> 
> -- 
> Andreas Schulze
> Internetdienste | P252
> 
> DATEV eG
> 90329 Nürnberg | Telefon +49 911 319-0 | Telefax +49 911 319-3196
> E-Mail info @datev.de | Internet www.datev.de
> Sitz: 90429 Nürnberg, Paumgartnerstr. 6-14 | Registergericht Nürnberg, GenReg Nr.70
> Vorstand
> Prof. Dieter Kempf (Vorsitzender)
> Dipl.-Kfm. Wolfgang Stegmann (stellvertretender Vorsitzender)
> Dipl.-Kfm. Michael Leistenschneider
> Jörg Rabe v. Pappenheim
> Dipl.-Vw. Eckhard Schwarzer
> Vorsitzender des Aufsichtsrates: Reinhard Verholen
> 
> _______________________________________________
> Unbound-users mailing list
> Unbound-users at unbound.net
> http://unbound.nlnetlabs.nl/mailman/listinfo/unbound-users
>