lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20031224015813.NFFE184278.fep03-mail.bloor.is.net.cable.rogers.com@BillDell>
From: full-disclosure at royds.net (Bill Royds)
Subject: visa XSS?

You missed the point. The IP does NOT belong to nac.net but
dns-nac-zone.com, a completely different domain.

Here is information for that domain (notice that QLD AU means Queensland
Australia )

C:\Documents and Settings\Bill>host 64.21.80.2
2.80.21.64.in-addr.arpa domain name pointer panther.dns-nac-zone.com.

C:\Documents and Settings\Bill>whois dns-nac-zone.com

Whois Server Version 1.3

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

   Domain Name: DNS-NAC-ZONE.COM
   Registrar: ENOM, INC.
   Whois Server: whois.enom.com
   Referral URL: http://www.enom.com
   Name Server: SEC.DNS-NAC-ZONE.COM
   Name Server: NS.DNS-NAC-ZONE.COM
   Name Server: NS0.DNS-NAC-ZONE.COM
   Status: REGISTRAR-LOCK
   Updated Date: 15-dec-2003
   Creation Date: 28-dec-2002
   Expiration Date: 28-dec-2004


>>> Last update of whois database: Tue, 23 Dec 2003 18:35:11 EST <<<


Found a referral to whois.enom.com.


Registration Service Provided By: Need A Dot Com?
Contact: kbritt@...da.com
Visit: http://www.needa.com

Domain name: dns-nac-zone.com

Registrant Contact:
   dns-nac-zone.com
   Robbie Walker (admin@...-nac-zone.com)
   N/A
   Fax: N/A
   P.O Box 3439
   Toowoomba, QLD 4350
   AU

Administrative Contact:
   dns-nac-zone.com
   Robbie Walker (admin@...-nac-zone.com)
   N/A
   Fax: N/A
   P.O Box 3439
   Toowoomba, QLD 4350
   AU

Technical Contact:
   dns-nac-zone.com
   Robbie Walker (admin@...-nac-zone.com)
   N/A
   Fax: N/A
   P.O Box 3439
   Toowoomba, QLD 4350
   AU

Billing Contact:
   dns-nac-zone.com
   Robbie Walker (admin@...-nac-zone.com)
   N/A
   Fax: N/A
   P.O Box 3439
   Toowoomba, QLD 4350
   AU

Status: registrar-lock

Name Servers:
   ns.dns-nac-zone.com
   ns0.dns-nac-zone.com
   sec.dns-nac-zone.com

Creation date: 28 Dec 2002 23:56:54
Expiration date: 28 Dec 2004 23:56:54 

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Scott Anderson
Sent: December 23, 2003 5:43 PM
To: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] visa XSS?

How is this located in Queensland.  Arin clearly states:

OrgName:    Net Access Corporation
OrgID:      NAC
Address:    1719 STE RT 10E
Address:    Suite 111
City:       Parsippany
StateProv:  NJ
PostalCode: 07054
Country:    US


Am I missing something?

-----Original Message-----
From: Adam Hunt [mailto:adam@...trecruiting.com]
Sent: Wednesday, 24 December 2003 3:29
To: jan.muenther@...ns.com; Mauro Flores
Cc: full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] visa XSS?


this is not nac.net

it's a completely different netblock blah blah

it's some punk in Queensland AU

Robbie Walker

and if some one is sniffing from nac.net it's too bad for them because 
nac.net
is run by some completely incompetent MS dorks who at some point switched to
freeBSD and are learning by the seat of there pants (I know because I use to
be a customer DSL was great from them because they knew nothing about
bandwidth management and I took a entry levle class with a senior bandwidth
manager) as well I am regularly taking there customers and doing 
development,
and hosting for them because of the downtime probs and security issues that
nac.net is continually plagued with and I usually save the clients between 
50
and 75 % of there yearly bill with better service.

I'm just righting this to poke the nose of nac.net.

Adam


On Tuesday 23 December 2003 08:10 am, jan.muenther@...ns.com wrote:
> > I went to http://64.21.80.2/~gotier/verified_by_visa.htm, this guy is
> > using a php script to get card numbers and pins, I think that someone is
> > going to have a merry christmas :)
>
>Heh, true. Did you write the connecting ISP (nac.net) an abuse email? The
>box is running quite a bunch of services, of which quite a few are plain
>text ones, so I'd guess the kid has sniffed them somewhere and replaced
>this poor guy's pages in his home dir...
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

_________________________________________________________________
Get less junk mail with ninemsn Premium. Click here  
http://ninemsn.com.au/premium/landing.asp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ