Metasploit mailing list archives
Exploit for the DNS cache poisoning vulnerability...
From: one.miguel at gmail.com (Juan Miguel Paredes)
Date: Thu, 24 Jul 2008 11:33:40 +0200
Thanks HD. I'm trying to understand this and get this to work in our lab. In our environment, we have internet-facing DNS servers. The only systems allowed to query the internet-facing DNS servers are internal DNS caching servers. All internal users can only query the caching servers. (sorry, I'm not a DNS guy so my terminology is wrong, I'm sure). Attacker can't hit either the internet-facing DNS server or the caching servers from outside. An attacker would need to be inside the network to begin with. No problem there. However, the attacker would also be forced to target the caching servers. Additionally: 1. The attacker would need to know which internet-facing DNS server the caching server is working with at the time of the attack (or spoof them all). 2. Instead of spoofing the authority as in the msf module, the attacker would have to spoof the internet-facing DNS servers. After that, unpached DNS servers are game. I'm in the process of modifying the .rb modules for our environment, but I thought I should ask: am I on the right track here or am I missing something? Thanks. On Wed, Jul 23, 2008 at 11:20 PM, H D Moore <hdm at metasploit.com> wrote:
Woops: http://www.caughq.org/exploits/CAU-EX-2008-0002.txt _______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20080724/cce71b72/attachment.htm>
Current thread:
- Exploit for the DNS cache poisoning vulnerability... H D Moore (Jul 23)
- Exploit for the DNS cache poisoning vulnerability... H D Moore (Jul 23)
- Exploit for the DNS cache poisoning vulnerability... Jarrod Frates (Jul 23)
- Exploit for the DNS cache poisoning vulnerability... Jaime Blasco (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... H D Moore (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... Jarrod Frates (Jul 23)
- Exploit for the DNS cache poisoning vulnerability... Juan Miguel Paredes (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... natron (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... Jose Carlos Luna (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... Juan Miguel Paredes (Jul 24)
- Exploit for the DNS cache poisoning vulnerability... H D Moore (Jul 23)