It is a bit old method but necessary to understand if you are learning about DNS hijacking and In Past a Pakistani Famous BlackHat hacker " Shadow008 " was hijacking the subdomains of blogger blogs and everyone was shocked to see how he is doing this but after a mean while he published an article about how he hijacked the blogger sub domains on his blog.

                      We know that when someone host his website on blogger he have to point the CNAME toward to given address by blogger or if we want to connect the domain mail with Gmail we also have to point it toward the Gmail Address given by them and many peoples at that time do one mistake that they point their domains to Gmail or blogger cname to connect their domain and they forget to add the pointed sub domain in blogger and this gives us the error which is in the below picture.


















404. 
That’s an error.
The requested URL subdomain.example.com was not found on this server.
That’s all we know."

This error means that the domain is pointed toward google,s cname or ip address but it is not yet hosted and shadow008 took its revenge and hijacked the sub domains of many blogs by simply hosting thos sub domains on blogger.com by adding custom domain in settings and he was successfully able to add the sub domain.

Shado008 hijacked the sub-domains of many important websites including  thehackernews.com which was


  • " http://direct.thehackernews.com/ "
  • " http://www.zone-h.org/mirror/id/18307796 " 

some how the direct subdomain was pointing toward,s the google,s ip and he hijacked it easily and not only this but including many more high ranking websites.


  1. Now the question arises in our mind is how we can find the vulnerable  subdomains ?
The Answer is simple use DNS_Map tool which will burtforce the subdomains of blogger website and you can check them for the 404 error and if they contain that error then you can hijack the domain easily and DNS_map tool is included in linux backtrack and kali .

    2. You found the 404 error sub-domain ? looking for how to hijack ?

  1. Open blogger.com and open your free blogspot as mine is sniperhaxx.blogspot.com 
  2. Goto Settings 
  3. Click on setup 3rd party URL 
  4. Add the sub-domain which is giving url 
  5. Done now you have added successfully now  go and edit the html of template and deface it.

Post a Comment