Skip to content

Search the site

Hackers could have taken over every single .ai domain

"It is clear that the internet is so, so brittle" and possibly held together with duct tape

The internet; connected by duct tape. Credit: Dall-E

A group of security researchers exploring how to hack domain registries ended up with the ability to gain “full control over any .ai domain.”

Sam Curry, Brett Buerhaus, Rhys Elsmore, and Shubham Shah, in a striking bit of research, also gained the ability to control the DNS zones of 19 other top-level domains (TLDs) they said in a June 12 report – including the .ly used by a domain shortener with over five million monthly users.

(The .ai top-level domain is widely used by AI startups, with over 170,000 registered users. The researchers could have pulled them offline  – or abused this control creatively and maliciously in a great many ways.)

Hacking .ai: EPP and XEE FTW

They achieved this by targeting EPP (Extensible Provision Protocol) servers with an XML external entity (XEE) injection and then chaining that attack with a local file disclosure vulnerability on registry software.

EPP servers are “arguably one of the most critical pieces of infrastructure in the world of domains” they explained, letting registrars (which help users obtain domains) communicate with the registry organisations ultimately responsible for managing TLDs by exchanging XML messages.

By scanning the internet and relying on passive data for IPs with port 700 (used by EPP) open, they “were able to amass a large list of EPP servers.”

They then modified a Python EPP client and crafted an XML payload to run a “simple” XXE attack on these EPP servers. Those found to be vulnerable to this attack were mostly running a registry software named CoCCA Registry Software – that ships with a built-in EPP server as part of a turnkey software package that lets smaller registries provide TLD/ccTLDs.

That software in turn had a local file disclosure vulnerability to obtain any file on the local system. One of the files they could access included the SSH private key for a maintainer of the .ai registry that let them login to his server, which in turn contained backups of the entire .ai registry.

“In the process of reading files from various registry servers running CoCCA, we discovered a file called” the team noted this week. “This script was responsible for taking a full database backup and uploading them to a central account.. these credentials were valid and led to the ability to compromise almost every major ccTLD that was running the CoCCA application. Game over.”

“All of this was communicated to the affected parties and all of the EPP servers running the CoCCA software that were managed by this central entity have been patched” they added. (The Stack has contacted CoCCA, or the “Council of Country Code Administrators” for comment).

“Whether or not they are still uploading all the database backups to a central account is unknown, but it is clear that the internet is so, so brittle” the collective of researchers at Hack Compute concluded.

See also: An entire top-level domain got knocked offline and nothing could be done because Arizona was asleep