lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Mon Feb 27 21:06:36 2006
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: Using domain whois information for fun and
	profit

On Mon, Feb 27, 2006 at 02:41:17PM -0600, Response Team wrote:
> The whois information for this domain contains a <script> tag. This means if
> you are to view the whois information on any HTML based page, the script is
> executed.
> 
> Registrant:
>    DOMIBOT (CAREFREETRAVELMN-COM-DOM)
>    Avenida Caroni 5478
>    Colinas Monte, Caracas
>    Venezuela
>    +1.2085751538
>    <script>open('http://CAREFREETRAVELMN.COM');</script>
>    +1.2085751538
>    domains@...ibot.com
> 
>    Domain Name: CAREFREETRAVELMN.COM
>    Status: PROTECTED
> 
> A google search for HTML based Whois pages turned up: http://
> networking.ringofsaturn.com/Tools/whois.php
> If you do a whois on carefreetravelmn.com, you get a popup window.
> 
> Should internic allow <tags> to be used in domain registration contact info?

Why not? It's not like it's internic's problem that some
people/programmers do stupid things.

Blacklists wouldn't work anyway, and it's, again, not internic's fault
or problem.

And there is no reason to use a web-based client when all serious
networking operating systems come with a whois client supplied (or at
least very, very easily installed).

		Joachim

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ