Metasploit mailing list archives
bailiwicked_domain not working even with static source port?
From: richard.k.miles at googlemail.com (Richard Miles)
Date: Fri, 14 Aug 2009 17:53:37 -0500
hi Sometime ago I posted a question about bailiwicked_domain and HD explained the code it unable to exploit DNS using sequential source ports. Now I tried against a DNS server with static source port and it just freeze. My output is below (it's a internal name-server that allow recursive queries)... [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] >> ADDRESS: xxx.xxx.xxx.xxx PORT: 53276 [*] FAIL: This server uses a static source port and is vulnerable to poisoning msf auxiliary(bailiwicked_domain) > exploit [*] Switching to target port 53276 based on Metasploit service [*] Warning: target address xxx.xxx.xxx.xxx is not the same as the nameserver's query source address yyy.yyy.yyy.yyy! [*] Targeting nameserver xxx.xxx.xxx.xxx for injection of www.hacker.com. nameservers as www.google.com [*] Querying recon nameserver for www.hacker.com.'s nameservers... At this point the exploitation get freezes, I can wait for hours or even a day and it never goes on.... Any feedback is werlcome. thankz
Current thread:
- bailiwicked_domain not working even with static source port? Richard Miles (Aug 14)
- Message not available
- bailiwicked_domain not working even with static source port? Richard Miles (Aug 17)
- Message not available