Cross Site Scripting on Whois

Considering how many sites scrape or use Whois info, I’d say that a hole like that is pretty massive for hackers.

Cross Site Scripting on Whois

January
18th
2008

comments below

“Most domain registrars (have yet to find one that does) will not filter what you put on your REGISTRANT CONTACT INFO and WILL allow the script tag! ”

Considering how many sites scrape or use Whois info, I’d say that a hole like that is pretty massive for hackers.

bookmark this article:

Tagged: none

You must be logged in to post a comment.

Posted by QuadsZilla

RSS

Black Hat Forum

About our Private Forum

Recent Threads:

- Pages
Categories
- Adult Industry (19)
- Affiliate Marketing (6)
- Black Hat SEO Site Reviews (10)
- Black Hat Tools (25)
- Click Fraud (7)
- Cloaking (15)
- Comment Spam (15)
- Computer Generated Content (12)
- CSS Spam (4)
- Directories (4)
- Domain (9)
- Doorway Pages (6)
- Ethics (8)
- Google (138)
  - Adsense (28)
- GoogleBowling (3)
- Keyword Stuffing (7)
- Link Bait (20)
- Link Dumping (14)
- MSN (32)
- Myspace Friends (11)
- Poker (19)
- Redirects (9)
- Scrapers (8)
- Search Engine Spam (34)
- Spamouflage (7)
- Trackback (3)
- Typo Spam (3)
- White Hat vs Black Hat (12)
- XSS Cross Site Scripting (10)
- Yahoo (41)

Cross Site Scripting on Whois

Considering how many sites scrape or use Whois info, I’d say that a hole like that is pretty massive for hackers.

Cross Site Scripting on Whois

Leave a Reply

Black Hat Forum

Pages

Categories