Metasploit mailing list archives
DNS cache poisoning difficulty
From: flyingdervish at yahoo.com (Sat Jagat Singh)
Date: Tue, 29 Jul 2008 11:40:09 -0700 (PDT)
In testing the spoof/dns/bailiwicked_host (and also bailiwicked_domain) modules on an internal penetration test I have encountered a challenge with firewall filtering of egress to external DNS servers. Let me be clear, I am on the LAN. DNS traffic is not permitted out to the internet except from the organization's own internal DNS servers that perform recursive queries for internal users.

With the following settings:

HOSTNAME attacker.yahoo.com
NEWADDR 192.168.1.100 (my address)
RECONS 192.168.1.50
RHOST 192.168.1.51

Metasploit gets to a point where it attempts to query Yahoo's nameserver for authoritativeness and just hangs, since the traffic gets dropped at the firewall. Any suggestions?
Current thread:
- DNS cache poisoning difficulty Sat Jagat Singh (Jul 29)
- DNS cache poisoning difficulty H D Moore (Jul 29)
- DNS cache poisoning difficulty Jefferson, Shawn (Jul 29)
- DNS cache poisoning difficulty H D Moore (Jul 29)
- DNS cache poisoning difficulty natron (Jul 29)
- DNS cache poisoning difficulty Jefferson, Shawn (Jul 29)
- DNS cache poisoning difficulty H D Moore (Jul 29)