IRCCloud had a local.irccloud.com record mapped to 127.0.0.1 in public DNS. This made it possible for users to launch same-site scripting attacks.
How To Perform
- Install the knock Python script
- Perform a scan
- Check results for localhost/127.0.0.1
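
The last step, as a zone owner could run it against an export of their own records. This is an added example, not part of the original report and not knock's code. The zone-file-style input, the example.com names and the function names are constructed for illustration, and knock's output format is not assumed. It goes slightly beyond the 127.0.0.1 case by also flagging the rest of 127.0.0.0/8, IPv6 loopback, and CNAMEs to localhost.

```python
import ipaddress

# Constructed sample records in zone-file style: name, TTL, class, type, value.
SAMPLE_ZONE = """\
www.example.com.      300 IN A     203.0.113.10
local.example.com.    300 IN A     127.0.0.1
dev.example.com.      300 IN AAAA  ::1
api.example.com.      300 IN A     198.51.100.7
lo.example.com.       300 IN CNAME localhost.
mapped.example.com.   300 IN AAAA  ::ffff:127.0.0.1
; comment line
"""


def is_loopback(value):
    """True if value is an IPv4 or IPv6 loopback address, including IPv4-mapped IPv6."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return False
    # Unwrap ::ffff:a.b.c.d so the embedded IPv4 address is the one tested.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return addr.is_loopback


def find_loopback_records(zone_text):
    """Return (name, type, value) for every record that points at the local host."""
    findings = []
    for line in zone_text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, split on whitespace
        if len(fields) != 5:
            continue
        name, _ttl, _cls, rtype, value = fields
        rtype = rtype.upper()
        if rtype in ("A", "AAAA") and is_loopback(value):
            findings.append((name, rtype, value))
        elif rtype == "CNAME" and value.rstrip(".").lower() == "localhost":
            findings.append((name, rtype, value))
    return findings


if __name__ == "__main__":
    for name, rtype, value in find_loopback_records(SAMPLE_ZONE):
        print(f"{name} {rtype} {value} -> resolves to loopback; remove from public DNS")
```

Any record this reports should be removed from the public zone or moved to an internal-only view.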