Full Disclosure mailing list archives
Re: Exploiting Microsoft dynamic Dns updates
From: "Andres Tarasco" <atarasco () gmail com>
Date: Tue, 3 Apr 2007 17:22:40 +0200
Dear Denis, As I told before, this feature/vulnerability related with dynamic dns updates is known for a long time. My experience has demonstrated that this weak configuration is very common and extended between most companies and some of the attack vectors that I exposed were never considered as a threat. I agree with you that Windows 2003 provides more security, but that's not the default configuration with windows 2000 server. I was not aware of nsupdate tool so I coded Dnsfun just as a proof of concept (not as a high-sk1llz hacker tool). It helped me to test some configuration issues. If it also helps people to identify risky configurations then its enough for me. Andres Tarasco 2007/4/3, Denis Jedig <dj () syneticon de>:
On Thu, 22 Mar 2007 11:35:18 +0100 Andres Tarasco wrote: > By default, most Microsoft DNS servers integrated with active directory allow > insecure dynamic updates for dns records. This statement is way too broad. Creating an AD-integrated zone in Windows Server 2003 does create a "secure updates only" zone by default. You can influence this behavior in the zone creation wizard though. > dnsfun exploits that weak configuration and allows remote users to modify dns records. I am not sure if I do see the point in rewriting nsupdate from bindtools. I am also quite uncertain if this really might count as a "hacker" or "security" tool of any kind. -- Denis Jedig syneticon networks GbR http://syneticon.net/service/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Exploiting Microsoft dynamic Dns updates Denis Jedig (Apr 03)
- Re: Exploiting Microsoft dynamic Dns updates Andres Tarasco (Apr 03)