Nmap Development mailing list archives
[UPDATED] [SCRIPT] Check DNS server against porttest, txidtest (CVE-2008-1447)
From: Brandon Enright <bmenrigh () ucsd edu>
Date: Mon, 28 Jul 2008 21:20:07 +0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Okay so hopefully this is the last email I have to burden you all with on this subject :-) I spoke to Duane and he's okay with us advertising/including this script that checks againt porttest.dns-oarc.net (I included Duane's email below.) He also setup txidtest.dns-oarc.net to check the relative randomness of transaction IDs. In setting these two service up, he changed the format slightly so that they match up (GREAT, GOOD, POOR, UNKNOWN) with the web service (https://www.dns-oarc.net/oarc/services/dnsentropy) he's setup. I had to change the offsets in the parsing routine to make the scripts grab the fields correctly. These scripts could really benefit from a real DNS parsing library (or just unpack()...). So attached are two scripts, the first queries porttest and the second txidtest. I would like to use just one script. It seems 'hard' though to send two packets on a socket and then do a select() on that socket in Lua. If someone wants to combine these scripts I'm all for it. I have changed the licensing information and headers in the scripts to reflect my correspondence with Duane. Brandon Duane's response follows: === Hi Brandon,
So what I'm really asking is three-fold: * Are you open to public advertisement of this script, especially at Fyodor's Black Hat talk?
yes.
* How long do you plan on running porttest?
Obviously the service is valuable to the community so OARC will continue to run it as long as OARC exists (and probably even for a while after that). In other words, we have no plans to stop running it.
* Are you open to this script being included in the Nmap package, and maybe even potentially on by default?
yes If you have documentation that refers to porttest please include this URL if possible: https://www.dns-oarc.net/oarc/services/porttest Also note that I just finished modifying it so that you can also examine transaction ID behavior: dig +short txidtest.dns-oarc.net txt Duane W. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkiOOA4ACgkQqaGPzAsl94LYwwCggL65bVQ4qc2F/kjm006Jyr0b FqQAoI8pW+qAPxLxQuI783u3FKSi2F5f =qvNB -----END PGP SIGNATURE-----
Attachment:
dns-safe-recursion-port.nse
Description:
Attachment:
dns-safe-recursion-txid.nse
Description:
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- [UPDATED] [SCRIPT] Check DNS server against porttest, txidtest (CVE-2008-1447) Brandon Enright (Jul 28)
- Re: [UPDATED] [SCRIPT] Check DNS server against porttest, txidtest (CVE-2008-1447) Duane Wessels (Jul 28)
- Re: [UPDATED] [SCRIPT] Check DNS server against porttest, txidtest (CVE-2008-1447) Brandon Enright (Jul 28)
- Re: [UPDATED] [SCRIPT] Check DNS server against porttest, txidtest (CVE-2008-1447) Duane Wessels (Jul 28)