The scale of possibilities with this hack are enormous. You could easily redirect entire domains, generate valid SSL certs for those domains, then capture all the data including all login credentials for all users on those domains.
With exploitation of the right domains you would probably be able to extend this hack using stolen authentication information to take over basically the entire Internet.
Funny hack of my own once: a major web hosting company had a forum which failed to check uploaded profile pics were images, so I used it to upload a script so I could browse their entire filesystem. I eventually came across their root password stored in plaintext in a configuration file. The password? "internet" - all lowercase, just like that.
I kinda think these vulnerabilities were long exploited but no one made the move to actually make any harm is because 1) not profitable for private parties 2) state actors are waiting for a proper time to execute
With exploitation of the right domains you would probably be able to extend this hack using stolen authentication information to take over basically the entire Internet.
Funny hack of my own once: a major web hosting company had a forum which failed to check uploaded profile pics were images, so I used it to upload a script so I could browse their entire filesystem. I eventually came across their root password stored in plaintext in a configuration file. The password? "internet" - all lowercase, just like that.