Metasploit mailing list archives
metasploit service for dns vulnerability check offline
From: j.s.sebastian at gmail.com (Paolo)
Date: Thu, 23 Apr 2009 14:27:57 +0200
Hi all, I am using the auxiliary/spoof/dns/bailiwicked_domain module, which uses the kaminsky attack to do dns cache poisoning. To check if a server is vulnerable (uses a static source port), and to find out which port it uses, this module sends TXT queries for domains like: spoofprobe-check-1-9997847822.red.metasploit.com I presume that the server for the red subdomain should then reply putting the port number used by the server in the TXT section. Unfortunately this server is down (in fact, the red subdomain does not resolve). Is this intentional? are there any plans to put it back up? regards, Paolo
Current thread:
- metasploit service for dns vulnerability check offline Paolo (Apr 23)
- windows/smb/psexec accepting hashes? jeffs (Apr 24)
- windows/smb/psexec accepting hashes? H D Moore (Apr 24)
- windows/smb/psexec accepting hashes? jeffs (Apr 24)