Metasploit mailing list archives
DNS cache poisoning difficulty
From: hdm at metasploit.com (H D Moore)
Date: Tue, 29 Jul 2008 14:21:31 -0500
With your setup, the exploits won't work. You could modify the exploit locally, remove the authoritative checks, and hardcode barbs = [ "ip1", "ip2", "ip3"]. Alternatively, add a new option to specify the list of nameservers to spoof and submit the patch :-)
On Tuesday 29 July 2008, Sat Jagat Singh wrote:
In testing the spoof/dns/bailiwicked_host (and also bailiwicked_domain) modules on an internal penetration test I have encountered a challenge with firewall filtering of egress to external DNS servers. Let me be clear, I am on the LAN. DNS traffic is not permitted out to the internet except from the organization's own internal DNS servers that perform recursive queries for internal users.
Metasploit gets to a point where it attempts to query Yahoo's nameserver for authoritativeness and just hangs since the traffic gets dropped at the firewall.
Any suggestions?