Deep Look At Netdevilz XSS : Hacked

These days xss and sql injection and mostly blind sql injections are working allot as we have also covered many of them like the Intel one, and many others too but this time the big domain tool is hacked.

 Deep Look At Netdevilz XSS : Hacked


Well i am not sure that many of you guys won't know what is whois, so here is the basic information about it.


WHOIS (pronounced as the phrase who is) is a query/response protocol that is widely used for querying databases in order to determine the registrant or assignee of Internet resources, such as a domain name, an IP address block, or an autonomous system number. ~ via Wiki


The WHOIS system originated as a method for system administrators to obtain contact information for IP address assignments or domain name administrators So, the end of the story tells that it is useful…


The Website was hacked about 1 to 2 days ago, by any hacker named Netdevil as of till now the hacker is pretty good in it as he have also previously hacked, which is another pretty popular photo sharing website, back in 2008.


This Turkish hacker have also Hacked ICANN website back also and have stricked again now in 2010 attacking Well i am not sure about it but some guys are saying that Netdevilz have also Hacked and before.

Screen Shots


Deep Look At Netdevilz XSS : Hacked



Deep Look At Netdevilz XSS : Hacked

*Click to view Full Size



Well until now you would be sure that Netdevilz used the XSS vulnerability in the web form to attack the website and hack the whole domain or you can say Full Ownage. The attack is a kind of clever and is my favorite XSS, A poisoned whois xD


If you look at the screenshot above of the xss, you would find the attacker script have been initialized the vector on the name of the form ..



Well the &formaction is a kind of vulnerable to XSS and is hence attacked, i would like to thanks Security-Shell for this information of the XSS initializer and looking at the xss in the website.



Try it, if this works then awesome or it might be fixed till yet Enjoy this little hack, if you guy would like to learn more about xss hacking then you can see the
Basic XSS hacking article on the blog.


Thanks to d3v1l from Security-Shell For this information about the xss.


Happy Hacking @hackerthedude