Whois XSS

Posted by k

December 3, 2007

This is massive. I wonder why no one has ever posted this somewhere.

Most domain registrars (have yet to find one that does) will not filter what you put on your REGISTRANT CONTACT INFO and WILL allow the script tag! Just try for yourself and rebaptize yourself as : John <script>alert("Black Hat Domainer")</script>

As you know, being able to run scripts, the sky is the limit. You can be a hacker and steal document.cookie to hijack a session to get complete access to another domainer account or be a nice guy and put an entire cool game on your registrant contact info.

Keep in mind you will be injecting your own page, so you better use it to more harmless stuff like logging people’s visits.

Who is vulnerable? Many, many whois info grab pages, including Whois.net or registrar Dynadot.com.

Update: Dynadot fixed the xss, after some fuzz on some well known domainers forums. Others are still vulnerable.

Last, but not least, it’s not everyday you receive such a nice compliment from one of the top gurus ever!

Thanks RSnake!

Uncategorized

You Like! Please Share

The Expired Domain Auctions Arbitrage Loophole Godaddy and Dynadot (there may be others) run a very peculiar expired domain auctions service, which...

Few SEO Myths I am Researching I am always testing new link building methods to see what works and what does not work. I never ever...

Network Solutions is evil A member on DomainState reports that Network Solutions is registering domains after availability lookups,...

Don’t Allow Inaccuracies to Undermine your Site or SEO We are all susceptible to the odd typo. They can sneak in when you’re least expecting it and somehow...

Grab This Widget

If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.