Metasploit mailing list archives
DNS
From: hdm at metasploit.com (H D Moore)
Date: Thu, 31 Jul 2008 10:39:57 -0500
The version number has little to do with exploitability. For example, the BIND 9.5.0-P1 (patched) release is still easily exploitable if the source port has been set to be static (query-source * 53). You can use a standard BIND version query to probe these machines for patch level, but you still need to verify the query source port has been randomized.

On Thursday 31 July 2008, Wright, Gareth wrote:
Our network runs under a chain of DNS servers and I'll need to work my way up/down them to probe for a weak link in the chain. Is it not possible to request the version number of the network's DNS servers, thus avoiding the need to perform a manual hijack attempt?
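
The check described in the reply above, sketched as an added example (not code from the thread or from Metasploit): it flags a pinned query source port in named.conf text and classifies source ports observed on a resolver's outbound queries. It assumes the setting is written in BIND's `query-source address * port 53;` form and that the port list was captured on a name server you operate; the function names, the sample data and the spread threshold are illustrative assumptions.

```python
import re
import statistics

# Assumption: a standard deviation below this across 16-bit ports means a
# narrow pool. The threshold is illustrative, not taken from the thread.
MIN_STDEV = 1000
COMMENTS = re.compile(r"//[^\n]*|#[^\n]*|/\*.*?\*/", re.S)
PINNED = re.compile(r"query-source(?:-v6)?\b[^;]*?\bport\s+(\d+)", re.I)


def pinned_query_ports(named_conf):
    """Ports fixed by query-source statements ('port *' is not pinned)."""
    active = COMMENTS.sub("", named_conf)  # ignore commented-out statements
    return [int(p) for p in PINNED.findall(active)]


def classify_source_ports(ports, min_samples=10):
    """Classify source ports seen on a resolver's outbound queries, in order."""
    if len(ports) < min_samples:
        return "insufficient-data"
    if len(set(ports)) == 1:
        return "static"
    # A constant step between consecutive queries is as guessable as one port.
    steps = {(b - a) % 65536 for a, b in zip(ports, ports[1:])}
    if len(steps) == 1 or statistics.pstdev(ports) < MIN_STDEV:
        return "predictable"
    return "randomized"


# Constructed sample input, not from the thread.
SAMPLE_CONF = """
options {
    // query-source address * port 5353;
    query-source address * port 53;
    query-source-v6 address * port *;
};
"""
SAMPLE_PORTS = {
    "static": [53] * 12,
    "incrementing": list(range(32768, 32780)),
    "spread": [49152, 1044, 60211, 23817, 5353, 41002,
               12999, 33333, 58001, 2049, 47110, 19876],
}

if __name__ == "__main__":
    print("pinned ports in config:", pinned_query_ports(SAMPLE_CONF))
    for name, ports in SAMPLE_PORTS.items():
        print(name, "->", classify_source_ports(ports))
```

A version string that reports a patched release says nothing about either result here, which is why the observed-port check is run per server in the chain.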