| 软件名称: |
BIND 9.5.0-P2 Remote DNS Cache Poisoning Exploit |
| 文件类型: |
.gz |
|
| 界面语言: |
英文软件 |
| 软件类型: |
国外软件 |
| 运行环境: |
Win2003,WinXP,Win2000,Win9X |
| 授权方式: |
共享软件 |
| 软件大小: |
12KB |
| 软件等级: |
★★★☆☆ |
| 发布时间: |
2008-08-14 |
| 官方网址: |
http:// 作者:Zbr |
| 演示网址: |
|
| 软件说明: |
|
Successfully poisoned the latest BIND with fully randomized ports!
Exploit required to send more than 130 thousand of requests for the fake records like
131737-4795-15081.blah.com to be able to match port and ID and insert poisoned entry
for the poisoned_dns.blah.com.
# dig @localhost www.blah.com +norecurse
; <<>> DiG 9.5.0-P2 <<>> @localhost www.blah.com +norecurse
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6950
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;www.blah.com. IN A
;; AUTHORITY SECTION:
www.blah.com. 73557 IN NS poisoned_dns.blah.com.
;; ADDITIONAL SECTION:
poisoned_dns.blah.com. 73557 IN A 1.2.3.4
# named -v
BIND 9.5.0-P2
BIND used fully randomized source port range, i.e. around 64000 ports.
Two attacking servers, connected to the attacked one via GigE link, were used,
each one attacked 1-2 ports with full ID range. Usually attacking server is able
to send about 40-50 thousands fake replies before remote server returns the
correct one, so if port was matched probability of the successful poisoning is more than 60%.
Attack took about half of the day, i.e. a bit less than 10 hours.
So, if you have a GigE lan, any trojaned machine can poison your DNS during one night...
original source: http://tservice.net.ru/~s0mbre/blog/2008/08/08/
http://milw0rm.com/sploits/2008-dns-bind.tgz
|
|
| 下载地址: |
进入下载地址列表
|
| 下载说明: |
☉推荐使用网际快车下载本站软件,使用 WinRAR v3.10 以上版本解压本站软件。
☉如果这个软件总是不能下载的请点击报告错误,谢谢合作!!
☉下载本站资源,如果服务器暂不能下载请过一段时间重试!
☉如果遇到什么问题,请到本站论坛去咨寻,我们将在那里提供更多 、更好的资源!
☉本站提供的一些商业软件是供学习研究之用,如用于商业用途,请购买正版。 |
|
[ 推荐]
[ 评论(0条)] [返回顶部] [打印本页]
[关闭窗口] |
|
|
| |
|
|
 |
|
推荐广告 |
|
|
|
|
|
