Metasploit mailing list archives
DNS cache poisoning difficulty
From: flyingdervish at yahoo.com (Sat Jagat Singh)
Date: Tue, 29 Jul 2008 11:40:09 -0700 (PDT)
In testing the spoof/dns/bailiwicked_host (and also bailiwicked_domain) modules on an internal penetration test, I have
encountered a challenge with firewall filtering of egress to external DNS servers. Let me be clear, I am on the LAN.
DNS traffic is not permitted out to the internet except from the organization's own internal DNS servers that perform
recursive queries for internal users.
With the following settings:

    HOSTNAME  attacker.yahoo.com
    NEWADDR   192.168.1.100 (my address)
    RECONS    192.168.1.50
    RHOST     192.168.1.51

Metasploit gets to a point where it attempts to query Yahoo's nameserver for authoritativeness and just hangs since the
traffic gets dropped at the firewall.
Any suggestions?
