โšก medium ๐Ÿ“‹ Ctrl+C, Ctrl+V Disasters

360contractservices.co.uk

Uploaded a JSON file payload into the TXT field

$ dig TXT 360contractservices.co.uk

;; QUESTION SECTION:

;360contractservices.co.uk. IN TXT


;; ANSWER SECTION:

360contractservices.co.uk. 3600 IN TXT "{"type":"domain_verification","token":"abc123xyz","domain":"360contractservices.co.uk","timestamp":"2023-01-15T10:30:00Z"}"

What Happened

Instead of placing this JSON verification payload at their web root (/.well-known/), the administrator pasted the raw JSON directly into the DNS TXT field. The DNS zone is not a web server.

Full TXT Record Value
{"type":"domain_verification","token":"abc123xyz","domain":"360contractservices.co.uk","timestamp":"2023-01-15T10:30:00Z"}