Safest Whois

[geek]

After so many issues about domain tasting, i still have no clue which is the safest Whois where nobody will know what domain we searched. So can you tell me where can i find the safest Whois?

 

[nRnF]

You never can be shure, unless you use your own one

You may use mine:
www.targetdomain.com/cgi-bin/whois.cgi?domain.com
100% unmonitored.

BTW, who cares of monitored whois/domain suggestions ?
If the domain you like shows as unregged --> reg it right away.
If you need more time to think, then its not worth it

 

[amoeba]

Safest to use your own.
Real simple one to get you started, if you're on a *nix host:

<?php

$q = $_GET['q'];
header('Content-Type: text/plain');
$q = ereg_replace("[^A-Za-z0-9\.]", " ", $q);
system('whois ' . $q);

?>

Then you can call yoursite.com/whois.php?q=somename.com
You could write a pretty form for it if you wanted.

 

[geek]

Safest to use your own.
Real simple one to get you started, if you're on a *nix host:

<?php

$q = $_GET['q'];
header('Content-Type: text/plain');
$q = ereg_replace("[^A-Za-z0-9\.]", " ", $q);
system('whois ' . $q);

?>

Then you can call yoursite.com/whois.php?q=somename.com
You could write a pretty form for it if you wanted.

With this code I'll be able to check whois? What if my server is an Apache?

 

[amoeba]

With this code I'll be able to check whois? What if my server is an Apache?

That's right, as long as your host is on a Unix/Linux system and has the `whois` command-line utility enabled. If your host is using the Apache webserver, chances are it's on Unix or Linux. All the hosts I've tried so far have whois enabled. For an example of the output:

http://rocket.launcher.org/whois?q=NamePros.com

 

[geek]

That's right, as long as your host is on a Unix/Linux system and has the `whois` command-line utility enabled. If your host is using the Apache webserver, chances are it's on Unix or Linux. All the hosts I've tried so far have whois enabled. For an example of the output:

http://rocket.launcher.org/whois?q=NamePros.com

Holy cow that is amazing! I think this would be the safest way to search for a domain availability and prevent domain tasting right?

Ah i tried, it says: system() has been disabled for security reasons
What should i do? By the way can you explain the function of each line? Thanks.

 

[amoeba]

Ah i tried, it says: system() has been disabled for security reasons
What should i do?

Hmm. If your host has the system() call in php disabled, this prevents you from calling the whois tool (or any other command-line tools). You should try replacing system() with exec(), or using the backtick operator (e.g. `whois $q`

Also, while digging around on php.net, I found escapeshellarg(). So there's no need for my regex.

By the way can you explain the function of each line?

<?php

$q = $_GET['q']; // get the input domain
header('Content-Type: text/plain'); // tell the browser we're outputting a text document
$q = escapeshellarg($q); // strip out non-alphanumeric characters except dots, to prevent injection attacks
system('whois ' . $q); // call the whois command-line utility

?>

Try replacing the last line with:
exec('whois ' . $q);
or
`whois $q`;

 

[geek]

Hmm. If your host has the system() call in php disabled, this prevents you from calling the whois tool (or any other command-line tools). You should try replacing system() with exec(), or using the backtick operator (e.g. `whois $q`

Also, while digging around on php.net, I found escapeshellarg(). So there's no need for my regex.


<?php

$q = $_GET['q']; // get the input domain
header('Content-Type: text/plain'); // tell the browser we're outputting a text document
$q = escapeshellarg($q); // strip out non-alphanumeric characters except dots, to prevent injection attacks
system('whois ' . $q); // call the whois command-line utility

?>

Try replacing the last line with:
exec('whois ' . $q);
or
`whois $q`;

I've tried the exec('whois ' . $q); but it just output a blank page.

 

[dhscott]

You will have to use fsock to open port 43 and query each specific WHOIS server individually

 

[geek]

You will have to use fsock to open port 43 and query each specific WHOIS server individually

But how did he do that?
http://rocket.launcher.org/whois?q=NamePros.com

Satchel, i wonder why the link works and doesn't show: "system() has been disabled for security reasons"? Did the launcher.org server enabled the system()
Should i ask my server admin to enable it too? Will it cause security problem?

 

[Sam]

Use good old DNAZ. Unmonitered

 

[dhscott]

You will have to use fsock to open port 43 and query each specific WHOIS server individually

It's PHP, sorry!

 

[amoeba]

It's PHP, sorry!

You could still do that in PHP using fsockopen().

Kahsoon, I've poked around looking for free php hosts that support exec() and whois. Try www.zendurl.com with the following script:

<?php
$q = trim($_GET['q']);
if($q != '') {
	exec('whois ' . escapeshellarg($q), $whois);
	$whois = join("\n", $whois);
	$whois = ereg_replace('(<!--.*-->)|(<script.*</script>)', '', $whois);
	$whois = ereg_replace('Visit AboutUs.*</a>', '', $whois);
}
echo <<< END
<form action="{$_SERVER['PHP_SELF']}?>" method="get">
	whois:
	<input type="text" name="q" value="$q" />
	<input type="submit" value="Go" />
</form>
<pre>$whois</pre>
END;
?>

The ZendURL whois client seems to have the annoying habit of adding a javascript counter and some html to the output, so I added code to strip that out. Here's a sample of the above code in action:

http://www.zendurl.com/fuzzy/whois.php?q=NamePros.com

It's also got a simple form. Customize it as you need.

 

[geek]

You could still do that in PHP using fsockopen().

Kahsoon, I've poked around looking for free php hosts that support exec() and whois. Try www.zendurl.com with the following script:

<?php
$q = trim($_GET['q']);
if($q != '') {
	exec('whois ' . escapeshellarg($q), $whois);
	$whois = join("\n", $whois);
	$whois = ereg_replace('(<!--.*-->)|(<script.*</script>)', '', $whois);
	$whois = ereg_replace('Visit AboutUs.*</a>', '', $whois);
}
echo <<< END
<form action="{$_SERVER['PHP_SELF']}?>" method="get">
	whois:
	<input type="text" name="q" value="$q" />
	<input type="submit" value="Go" />
</form>
<pre>$whois</pre>
END;
?>

The ZendURL whois client seems to have the annoying habit of adding a javascript counter and some html to the output, so I added code to strip that out. Here's a sample of the above code in action:

http://www.zendurl.com/fuzzy/whois.php?q=NamePros.com

It's also got a simple form. Customize it as you need.

Ah and i got this instead:
[Querying whois.internic.net]
[whois.internic.net: Servname not supported for ai_socktype]
[Unable to connect to remote host]

http://www.whoisscript.net/

Do you think this will work if i buy the pro version?

 

[amoeba]

Don't bother buying anything. Did you get the above error while using it on zendurl.com? Can you send me a link?

 

[geek]

Don't bother buying anything. Did you get the above error while using it on zendurl.com? Can you send me a link?

I got this when i use it on my domain:
[Querying whois.internic.net]
[whois.internic.net: Servname not supported for ai_socktype]
[Unable to connect to remote host]

 

[amoeba]

I've written this version which implements the whois protocol using sockets. It also gets the whole record for thin-server registries, e.g. .com or .net, where the record is split between the registry and the registrar servers.

<?php
$q = trim($_GET['q']);
if($q != '') {
	$tld = array_pop(explode('.', $q));
	$server = $tld.'.whois-servers.net';
	if(gethostbyname($server) != $server) {
		$fp = fsockopen($server, 43, $errno, $errstr, 30);
		if (!$fp) $whois =  "$errstr ($errno)<br />\n";
		else {
			$whois = '';
			fwrite($fp, $q. "\n");
			while (!feof($fp)) $whois .= fgets($fp, 128);
			fclose($fp);
		}
	}
	else $whois = 'No whois server found for .'.$tld;
	if(preg_match("/whois server:(.*)\n/i", $whois, $matches)) {
		$regServer = trim($matches[1]);
		if(gethostbyname($regServer) != $regServer) {
			$fp = fsockopen($regServer, 43, $errno, $errstr, 30);
			if (!$fp) $regWhois =  "$errstr ($errno)<br />\n";
			else {
				$regWhois = '';
				fwrite($fp, $q. "\n");
				while (!feof($fp)) $regWhois .= fgets($fp, 128);
				fclose($fp);
			}
		}
		else $regWhois = "$regServer not found";
	}
}
echo <<< END
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
 "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
	<head>
		<title>whois $q</title>
	</head>
	<body>
	
<form action="{$_SERVER['PHP_SELF']}?>" method="get">
	whois:
	<input type="text" name="q" value="$q" />
	<input type="submit" value="Go" />
</form>
<pre>$whois$regWhois</pre>
	</body>
</html>
END;
?>

Try that on your original host. It requires PHP with sockets enabled, which is the default, so I think you should be good.

Sorry about the messy code, I'll probably clean it up and post a better version at some poit.

 

[geek]

It didn't work, it just show a blank page. Actually how this link did it?
http://rocket.launcher.org/whois?q=NamePros.com

 

[Optinom]

Whois.hm - Safety assured by Smooth

 

[AzN]

http://www.whois-software.com/free-whois-software.php

I use this software and it's absolutely good!
Fast queries to the authoritive whois server and everything is done from your computer, no need going through another server