lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <4DC4CA24.2010403@mitm.cl>
Date: Sat, 07 May 2011 01:27:16 -0300
From: ksha <ksha@...m.cl>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: WTF


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/06/2011 11:15 PM, Nick Boyce wrote:
> On Fri, May 6, 2011 at 6:49 PM, Gustavo <gustavorobertux@...il.com>
> wrote:
>
>> WTF ?
>>
>> notebook:~$ ping www.compusa.com PING bh.georedirector.akadns.net
>> (127.0.0.1) 56(84) bytes of data. 64 bytes from
>> localhost.localdomain (127.0.0.1): icmp_req=1 ttl=64 time=0.019
>> ms
>
> Same here ... this time on Windows :
>
> F:\>ping www.compusa.com
>
> Pinging bh.georedirector.akadns.net [127.0.0.1] with 32 bytes of
> data:
>
> Reply from 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from
> 127.0.0.1: bytes=32 time<1ms TTL=128 Reply from 127.0.0.1: bytes=32
> time<1ms TTL=128 Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
>
> Ping statistics for 127.0.0.1: Packets: Sent = 4, Received = 4,
> Lost = 0 (0% loss), Approximate round trip times in milli-seconds:
> Minimum = 0ms, Maximum = 0ms, Average = 0ms
>
> F:\>nslookup www.compusa.com Server: zzzz Address: 999999999
>
> Non-authoritative answer: Name: bh.georedirector.akadns.net
> Address: 127.0.0.1 Aliases: www.compusa.com,
> compusa.syx.com.akadns.net
>
>
> Normally I'd say that's a DNS config screwup, which would make
> them unreachable (since their website is not on my system).
> However, Google seems to be able to reach them if you use the "site
> preview" option in the search results :
> http://www.google.com/search?q=www.compusa.com
>
> Curious.
>
> Relevant: http://forums.opendns.com/comments.php?DiscussionID=9721
>
> Nick -- Leave the Olympics in Greece, where they belong.
>
> _______________________________________________ Full-Disclosure -
> We believe in it. Charter:
> http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
> sponsored by Secunia - http://secunia.com/

About dns

;; ADDITIONAL SECTION:
ns01.highspeedbackbone.net. 240003 IN    A    199.181.77.21
ns02.highspeedbackbone.net. 240003 IN    A    199.181.78.22
ns03.highspeedbackbone.net. 240003 IN    A    199.181.77.23
ns04.highspeedbackbone.net. 240003 IN    A    199.181.78.24

testing one by one ...

[ksha@...bof ~]$ dig compusa.com @199.181.77.21 AXFR

; <<>> DiG 9.8.0 <<>> compusa.com @199.181.77.21 AXFR
;; global options: +cmd
; Transfer failed.
[ksha@...bof ~]$ dig compusa.com @199.181.78.22 AXFR

; <<>> DiG 9.8.0 <<>> compusa.com @199.181.78.22 AXFR
;; global options: +cmd
; Transfer failed.
[ksha@...bof ~]$ dig compusa.com @199.181.77.23 AXFR

; <<>> DiG 9.8.0 <<>> compusa.com @199.181.77.23 AXFR
;; global options: +cmd
; Transfer failed.


and the last allow zone transfer.

compusa.com.        86400    IN    SOA    ns03.highspeedbackbone.net.
hostmaster.highspeedbackbone.net. 2008134189 10800 3600 604800 3600
compusa.com.        86400    IN    TXT    "v=spf1 ip4:206.191.131.0/24
mx -all"
compusa.com.        86400    IN    MX    10 mail.highspeedbackbone.net.
compusa.com.        86400    IN    NS    ns01.highspeedbackbone.net.
compusa.com.        86400    IN    NS    ns02.highspeedbackbone.net.
compusa.com.        86400    IN    NS    ns03.highspeedbackbone.net.
compusa.com.        86400    IN    NS    ns04.highspeedbackbone.net.
compusa.com.        900    IN    A    206.181.131.221
compusa.com.        900    IN    A    206.181.131.220
nap.miadk._domainkey.compusa.com. 5 IN    TXT    "t=y\;
p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAJ5YnwXcWzCFY6fvQ1Gd6tzI97rvvOw9PVjoekWbja1reGBMfjJ+rfwsJCQavPadAUAKbs46KUDubUgcmwe1oU9abJ3APStwgcxMXlWfvlhuSXmyDHG+HQAIrk0PsR7BBwIDAQAB\;"
nap.miadkim._domainkey.compusa.com. 5 IN TXT    "v=DKIM1\; t=y:s\;
p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAJ5YnwXcWzCFY6fvQ1Gd6tzI97rvvOw9PVjoekWbja1reGBMfjJ+rfwsJCQavPadAUAKbs46KUDubUgcmwe1oU9abJ3APStwgcxMXlWfvlhuSXmyDHG+HQAIrk0PsR7BBwIDAQAB\;"
_sip._tls.compusa.com.    300    IN    SRV    0 0 443 sip.compusa.com.
answers.compusa.com.    86400    IN    CNAME
web220.highspeedbackbone.net.
autodiscover.compusa.com. 300    IN    A    10.100.100.108
community.compusa.com.    86400    IN    CNAME
web220.highspeedbackbone.net.
comp.compusa.com.    900    IN    A    206.181.131.89
comp.compusa.com.    900    IN    A    206.181.131.49
dubdubdub.compusa.com.    60    IN    CNAME
www.compusa.com.edgekey.net.
forums.compusa.com.    86400    IN    CNAME
web220.highspeedbackbone.net.
help.compusa.com.    86400    IN    NS    ns02.highspeedbackbone.net.
help.compusa.com.    86400    IN    NS    ns01.highspeedbackbone.net.
images.compusa.com.    86400    IN    CNAME
images.compusa.com.edgesuite.net.
m.compusa.com.        300    IN    CNAME    compusa.com.velocitude.mobi.
media.compusa.com.    900    IN    A    206.181.131.89
media.compusa.com.    900    IN    A    206.181.131.49
news.compusa.com.    86400    IN    A    74.81.68.187
origin-images.compusa.com. 900    IN    A    206.181.131.89
origin-images.compusa.com. 900    IN    A    206.181.131.49
origin-www.compusa.com.    60    IN    A    206.191.131.54
origin-www.compusa.com.    60    IN    A    206.191.131.14
retail.compusa.com.    600    IN    A    10.101.132.194
reviews.compusa.com.    86400    IN    CNAME
web220.highspeedbackbone.net.
sip.compusa.com.    300    IN    A    64.94.62.157
static.compusa.com.    900    IN    A    206.181.131.89
static.compusa.com.    900    IN    A    206.181.131.49
storenet.compusa.com.    600    IN    CNAME    vnet.highspeedbackbone.net.
storenettest.compusa.com. 600    IN    CNAME
vnet.highspeedbackbone.net.
testing.compusa.com.    300    IN    A    64.94.62.194
www.compusa.com.    60    IN    CNAME    compusa.syx.com.akadns.net.
compusa.com.        86400    IN    SOA    ns03.highspeedbackbone.net.
hostmaster.highspeedbackbone.net. 2008134189 10800 3600 604800 3600
;; Query time: 1489 msec
;; SERVER: 199.181.78.24#53(199.181.78.24)
;; WHEN: Sat May  7 01:21:36 2011
;; XFR size: 40 records (messages 40, bytes 2779)




- -- 

Ninja Coder

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJNxMojAAoJEP64MfdRn+k8tU8H/13Oo6j/vnZMlvZ8gFZ8VfvU
TQgI+pr3jeQy4BMD7uPcqzY1GUUvsGsSvsmcMq/Zx65/ugIrnes5Pf/7Jx0RZ7IV
gBLVlyADSAIUVAOBGHZTqcUmaJlzrUYL6Z4NkComhusLzOrL1+uf0+umj6e4ZoDs
A9TSPzEhqbT6i7k/zSfdT8Q0zAzL4CPyawrlbczip9qbmTeF+7K8f7k6ksGN/0mr
G2aaf6Kuor9sEhEfIXeujMINhiO9iV2KJ4wEMirGk28GfP1YhcFYE3GzvOoM+xFt
bN1zB8rHBkesrjpjz0EMH5nGicZtlUQuzTNtrRJuWOhd4O1cgppJcaT7QWBeZrQ=
=YqTr
-----END PGP SIGNATURE-----


Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ