首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全工具>攻击程序>软件详细
软件名称:  BIND 9.5.0-P2 Remote DNS Cache Poisoning Exploit
文件类型:  .gz
界面语言:  英文软件
软件类型:  国外软件
运行环境:  Win2003,WinXP,Win2000,Win9X
授权方式:  共享软件
软件大小:  12KB
软件等级:  ★★★☆☆
发布时间:  2008-08-14
官方网址: http:// 作者:Zbr
演示网址:
软件说明:  
Successfully poisoned the latest BIND with fully randomized ports!

Exploit required to send more than 130 thousand of requests for the fake records like
131737-4795-15081.blah.com to be able to match port and ID and insert poisoned entry
for the poisoned_dns.blah.com.

# dig @localhost www.blah.com +norecurse

; <<>> DiG 9.5.0-P2 <<>> @localhost www.blah.com +norecurse
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6950
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.blah.com.                  IN      A

;; AUTHORITY SECTION:
www.blah.com.           73557   IN      NS      poisoned_dns.blah.com.

;; ADDITIONAL SECTION:
poisoned_dns.blah.com.  73557   IN      A       1.2.3.4

# named -v
BIND 9.5.0-P2

BIND used fully randomized source port range, i.e. around 64000 ports.
Two attacking servers, connected to the attacked one via GigE link, were used,
each one attacked 1-2 ports with full ID range. Usually attacking server is able
to send about 40-50 thousands fake replies before remote server returns the
correct one, so if port was matched probability of the successful poisoning is more than 60%.

Attack took about half of the day, i.e. a bit less than 10 hours.
So, if you have a GigE lan, any trojaned machine can poison your DNS during one night...

original source: http://tservice.net.ru/~s0mbre/blog/2008/08/08/

http://milw0rm.com/sploits/2008-dns-bind.tgz
下载地址: 进入下载地址列表
下载说明: ☉推荐使用网际快车下载本站软件,使用 WinRAR v3.10 以上版本解压本站软件。
☉如果这个软件总是不能下载的请点击报告错误,谢谢合作!!
☉下载本站资源,如果服务器暂不能下载请过一段时间重试!
☉如果遇到什么问题,请到本站论坛去咨寻,我们将在那里提供更多 、更好的资源!
☉本站提供的一些商业软件是供学习研究之用,如用于商业用途,请购买正版。
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热门软件
·qwks.cpp(MS03-049)
·ms05039.rar
·fsie.rar
·Serv-U FTP溢出漏洞利用工具
·NBSI2破解版
·MS08-067.rar
·提权大杀器(2010黑帽大会公布的
·Churrasco.zip
·tfn2k.tgz
·ms04-011.rar
·SMBdie
·KiTrap0D.zip
  相关软件
·MaxHijack 1.4
·MS08-021_Gdi.tgz
·Churrasco.zip
·Dbshell
·ms08-067.zip
·MS08-067.rar
·ms08-066.rar
·Word Gmail Xss Exp
·smbrelay3.zip
·JCZ3.rar
·prdelka-vs-MS-rshd.tar.gz
·2008-quicktimebof.zip
 
  推荐广告
CopyRight © 2002-2021 VFocuS.Net All Rights Reserved