Deep Look At Netdevilz XSS : Whois.com Hacked

These days xss and sql injection and mostly blind sql injections are working allot as we have also covered many of them like the Intel one, and many others too but this time the big domain tool whois.com is hacked.

 

 

Well i am not sure that many of you guys won't know what is whois, so here is the basic information about it.

 

WHOIS (pronounced as the phrase who is) is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. ~ via Wiki

 

The WHOIS system originated as a method for system administrators to obtain contact information for IP address assignments or domain name administrators So, the end of the story tells that it is useful…

 

The Website was hacked about 1 to 2 days ago, by any hacker named Netdevil as of till now the hacker is pretty good in it as he have also previously hacked photobucket.com, which is another pretty popular photo sharing website, back in 2008.

 

This Turkish hacker have also Hacked ICANN website back also and have stricked again now in 2010 attacking Whois.com. Well i am not sure about it but some guys are saying that Netdevilz have also Hacked xiana.com and xssed.com before.

Screen Shots

 

 

 

*Click to view Full Size

 

XSS

Well until now you would be sure that Netdevilz used the XSS vulnerability in the web form to attack the website and hack the whole domain or you can say Full Ownage. The attack is a kind of clever and is my favorite XSS, A poisoned whois xD

 

If you look at the screenshot above of the xss, you would find the attacker script have been initialized the vector on the name of the form ..

 

http://domains.whois.com/domain.php?action=check_availability&goto=metarefresh&formaction=%22%3E%3Cscript%3Ealert(String.fromCharCode(88,83,83))%3C/script%3E

 

Well the &formaction is a kind of vulnerable to XSS and is hence attacked, i would like to thanks Security-Shell for this information of the XSS initializer and looking at the xss in the website.

 

Conclusion

Try it, if this works then awesome or it might be fixed till yet Enjoy this little hack, if you guy would like to learn more about xss hacking then you can see the
Basic XSS hacking article on the blog.

 

Thanks to d3v1l from Security-Shell For this information about the xss.

 

Happy Hacking @hackerthedude

Posted by R2blog. R2blog auto post for blogspot. Download at http://R2blogger.blogspot.com