A "whois" through the command line
I did a whois command through the command line on microsoft.com. The network utility application returns normal results, but I get this through the command line.
I just thought it was interesting, and well, they didn't hack anything. they spoofed it :P I get a chuckle when I see "MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NE T", hax0red what? kiddies..
Quote:
[Sphere01:~] jdewind% whois microsoft.com
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
MICROSOFT.COM.WILL.LIVE.FOREVER.BECOUSE.UNIXSUCKS. COM
MICROSOFT.COM.WILL.CRASH.IN.6MN.ORG
MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BL UE.VEINED.SPANNER.NET
MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
MICROSOFT.COM.WANADOODOO.COM
MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET.DELETED.GANDI.NET
MICROSOFT.COM.SMELLS.SIMPLECODES.COM
MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M
MICROSOFT.COM.RUNS.ON.AN.8088.ORG
MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
MICROSOFT.COM.OHMYGODITBURNS.COM
MICROSOFT.COM.LOVES.JU1C3.COM
MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM
MICROSOFT.COM.IS.SOON.GOING.TO.THE.DEATHCORPORATIO N.COM
MICROSOFT.COM.IS.NOT.SEXYCOOL.ORG
MICROSOFT.COM.IS.NOT.AS.COOL.AS.SIMPLECODES.COM
MICROSOFT.COM.IS.GOD.BECOUSE.UNIXSUCKS.COM
MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.****ING-BULLSHIT.NET
MICROSOFT.COM.HAS.TEH.GAY.OMFGLOL.COM
MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.COM
MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISS ILES.COM
MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
MICROSOFT.COM.CUZ.I.WANNA.BE.COOL.TOO.TRUEDESIGN.C OM
MICROSOFT.COM.CAN.SUCK.MY.SERVEREXTREME.ORG
MICROSOFT.COM.CAN.GO.****.ITSELF.AT.SECZY.COM
MICROSOFT.COM.CAN.BLOWME.ORG
MICROSOFT.COM.ARE.GODDAMN.PIG****ERS.NET
MICROSOFT.COM.AND.MINDSUCK.BOTH.SUCK.HUGE.ONES.AT. EXEGETE.NET
MICROSOFT.COM.AINT.WORTH.SHIT.KLUGE.ORG
MICROSOFT.COM
To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.
[Sphere01:~] jdewind% whois microsoft.com
Whois Server Version 1.3
Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.
MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NET
MICROSOFT.COM.WILL.LIVE.FOREVER.BECOUSE.UNIXSUCKS. COM
MICROSOFT.COM.WILL.CRASH.IN.6MN.ORG
MICROSOFT.COM.WILL.BE.SLAPPED.IN.THE.FACE.BY.MY.BL UE.VEINED.SPANNER.NET
MICROSOFT.COM.WILL.BE.BEATEN.WITH.MY.SPANNER.NET
MICROSOFT.COM.WAREZ.AT.TOPLIST.GULLI.COM
MICROSOFT.COM.WANADOODOO.COM
MICROSOFT.COM.SUX.BUT.PYROFREAK.ORG.RULEZ.AND.DIOX YTECH.NET.DELETED.GANDI.NET
MICROSOFT.COM.SMELLS.SIMPLECODES.COM
MICROSOFT.COM.SHOULD.GIVE.UP.BECAUSE.LINUXISGOD.CO M
MICROSOFT.COM.RUNS.ON.AN.8088.ORG
MICROSOFT.COM.RAWKZ.MUH.WERLD.MENTALFLOSS.CA
MICROSOFT.COM.OHMYGODITBURNS.COM
MICROSOFT.COM.LOVES.JU1C3.COM
MICROSOFT.COM.LIVES.AT.SHAUNEWING.COM
MICROSOFT.COM.IS.SOON.GOING.TO.THE.DEATHCORPORATIO N.COM
MICROSOFT.COM.IS.NOT.SEXYCOOL.ORG
MICROSOFT.COM.IS.NOT.AS.COOL.AS.SIMPLECODES.COM
MICROSOFT.COM.IS.GOD.BECOUSE.UNIXSUCKS.COM
MICROSOFT.COM.IS.A.STEAMING.HEAP.OF.****ING-BULLSHIT.NET
MICROSOFT.COM.HAS.TEH.GAY.OMFGLOL.COM
MICROSOFT.COM.HAS.ITS.OWN.CRACKLAB.COM
MICROSOFT.COM.HAS.A.PRESENT.COMING.FROM.HUGHESMISS ILES.COM
MICROSOFT.COM.FILLS.ME.WITH.BELLIGERENCE.NET
MICROSOFT.COM.CUZ.I.WANNA.BE.COOL.TOO.TRUEDESIGN.C OM
MICROSOFT.COM.CAN.SUCK.MY.SERVEREXTREME.ORG
MICROSOFT.COM.CAN.GO.****.ITSELF.AT.SECZY.COM
MICROSOFT.COM.CAN.BLOWME.ORG
MICROSOFT.COM.ARE.GODDAMN.PIG****ERS.NET
MICROSOFT.COM.AND.MINDSUCK.BOTH.SUCK.HUGE.ONES.AT. EXEGETE.NET
MICROSOFT.COM.AINT.WORTH.SHIT.KLUGE.ORG
MICROSOFT.COM
To single out one record, look it up with "xxx", where xxx is one of the
of the records displayed above. If the records are the same, look them up
with "=xxx" to receive a full display for each record.
I just thought it was interesting, and well, they didn't hack anything. they spoofed it :P I get a chuckle when I see "MICROSOFT.COM.ZZZ.IS.0WNED.AND.HAX0RED.BY.SUB7.NE T", hax0red what? kiddies..
Comments
bash-2.05b$ whois microsoft.com
Found a referral to whois.networksolutions.com.
NOTICE AND TERMS OF USE: You are not authorized to access or query our WHOIS database through the use of high-volume, automated, electronic processes. The
Data in Network Solutions' WHOIS database is provided by Network Solutions for information
purposes only, and to assist persons in obtaining information about or related
to a domain name registration record. Network Solutions does not guarantee its accuracy.
By submitting a WHOIS query, you agree to abide by the following terms of use:
You agree that you may use this Data only for lawful purposes and that under no
circumstances will you use this Data to: (1) allow, enable, or otherwise support
the transmission of mass unsolicited, commercial advertising or solicitations
via e-mail, telephone, or facsimile; or (2) enable high volume, automated,
electronic processes that apply to Network Solutions (or its computer systems). The
compilation, repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of Network Solutions. You agree not to use
high-volume, automated, electronic processes to access or query the WHOIS
database. Network Solutions reserves the right to terminate your access to the WHOIS
database in its sole discretion, including without limitation, for excessive
querying of the WHOIS database or for failure to otherwise abide by this policy.
Network Solutions reserves the right to modify these terms at any time.
Registrant:
Microsoft Corporation (MICROSOFT-DOM)
1 microsoft way
One Microsoft Way
redmond, WA 98052
US
Domain Name: MICROSOFT.COM
Administrative Contact:
MICROSOFT CORPORATION (EPMKOEAUSO) [email protected]
One Microsoft Way
Redmond, WA 98052
US
425 882 8080 fax: 206 703 2641
Technical Contact:
MICROSOFT CORPORATION (EJSEHEQUAO) [email protected]
One Microsoft Way
Redmond, WA 98052
US
425-882-8080
Record expires on 03-May-2012.
Record created on 02-May-1991.
Database last updated on 30-Dec-2003 15:13:17 EST.
Domain servers in listed order:
DNS1.CP.MSFT.NET 207.46.138.20
DNS1.TK.MSFT.NET 207.46.245.230
DNS3.UK.MSFT.NET 213.199.144.151
DNS1.DC.MSFT.NET 64.4.25.30
DNS1.SJ.MSFT.NET 65.54.248.222
If I own appleinsider.com, I can create domains such as www.appleinsider.com and forums.appleinsider.com.
SImilarly, I can create apple.hates.appleinsider.com or microsoft.loves.appleinsider.com or any other *.appleinsider.com variation. That's what those people have done probably with the sole intent of making a mockery of Microsoft in the whois databases.
Originally posted by Brad
Actually, those are all perfectly normal.
If I own appleinsider.com, I can create domains such as www.appleinsider.com and forums.appleinsider.com.
SImilarly, I can create apple.hates.appleinsider.com or microsoft.loves.appleinsider.com or any other *.appleinsider.com variation. That's what those people have done probably with the sole intent of making a mockery of Microsoft in the whois databases.
Well, yes. But why would microsoft do that to themselves? :P That's why it had to be spoofed.
Originally posted by dewindj
Well, yes. But why would microsoft do that to themselves? :P That's why it had to be spoofed.
You have it backwards. The domain names you're seeing are subdomains of various other domain names. For example:
MICROSOFT.COM.AINT.WORTH.SHIT.KLUGE.ORG
is a subdomain of kluge.org. I own psyresearch.com. I could do microsoft.com.sucks.big.donkey.balls.psyresearch.c om and it would come up in a whois search for microsoft.com.
Originally posted by Brad
torifile gets a cookie.
Indeed
Originally posted by dewindj
I understand that an administrator can do as many subdomains as he or she likes. But when I do a whois query *for* microsoft.com, why would it return bizarre domain names. Perhaps I am just being entirely ignorant too
One more time. Heh.
Say I own appleinsider.com. I can create anything *.appleinsider.com such as:
www.appleinsider.com
forums.appleinsider.com
apple.hates.appleinsider.com
microsoft.loves.appleinsider.com
microsoft.com.is.not.appleinsider.com
microsoft.com.got.smacked.by.appleinsider.com
why.visit.microsoft.com.when.you.have.appleinsider .com
The last three would appear in your search for "microsoft.com" because they both contain the string by which you searched.
microsoft.com.is.not.appleinsider.com
microsoft.com.got.smacked.by.appleinsider.com
why.visit.microsoft.com.when.you.have.appleinsider.com
Emphasis above shows the search string in the result.
Got it?