From efe86adc3dc8bca98147ea953432671d748a8546 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anton=20=C5=A0ijanec?= Date: Thu, 11 Apr 2019 00:47:25 +0200 Subject: Created ws.php no Tor needed, queries samoanic (WS TLD registry) that should have a limit of 15 requests per day per IP /24, but a deadly simple "exploit" was found by me. llol --- ws.php | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) create mode 100644 ws.php diff --git a/ws.php b/ws.php new file mode 100644 index 0000000..7c5c246 --- /dev/null +++ b/ws.php @@ -0,0 +1,39 @@ +#!/usr/bin/env php + '', + 'xs' => "", + 'notfromwhois' => '', + 'domain' => $znak1.$znak2, + 'tld' => "WS" + ) + ); + + $opts = array('http' => + array( + 'method' => 'POST', + 'header' => 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8', + 'content' => $postdata + ) + ); + + $context = stream_context_create($opts); + + $result = file_get_contents('http://samoanic.ws/whois.dhtml', false, $context); + if (strpos($result, 'Congratulations') !== false) { + echo $znak1.$znak2.".ws <-- FREE\n"; + } else { + echo $znak1.$znak2.".ws <-- REGISTERED\n"; + } + } +} +?> -- cgit v1.2.3