Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Using domain whois information for fun and profit
From: Joachim Schipper <j.schipper () math uu nl>
Date: Mon, 27 Feb 2006 22:06:06 +0100

On Mon, Feb 27, 2006 at 02:41:17PM -0600, Response Team wrote:
The whois information for this domain contains a <script> tag. This means if
you are to view the whois information on any HTML based page, the script is

   Avenida Caroni 5478
   Colinas Monte, Caracas
   domains () domibot com

   Status: PROTECTED

A google search for HTML based Whois pages turned up: http://
If you do a whois on carefreetravelmn.com, you get a popup window.

Should internic allow <tags> to be used in domain registration contact info?

Why not? It's not like it's internic's problem that some
people/programmers do stupid things.

Blacklists wouldn't work anyway, and it's, again, not internic's fault
or problem.

And there is no reason to use a web-based client when all serious
networking operating systems come with a whois client supplied (or at
least very, very easily installed).

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]