首頁 | 安全文章 | 安全工具 | Exploits | 本站原創 | 關于我們 | 網站地圖 | 安全論壇
  當前位置:主頁>安全工具>攻擊程序>軟件詳細
軟件名稱:  BIND 9.5.0-P2 Remote DNS Cache Poisoning Exploit
文件類型:  .gz
界面語言:  英文軟件
軟件類型:  國外軟件
運行環境:  Win2003,WinXP,Win2000,Win9X
授權方式:  共享軟件
軟件大小:  12KB
軟件等級:  ★★★☆☆
發布時間:  2008-08-14
官方網址: http:// 作者:Zbr
演示網址:
軟件說明:  
Successfully poisoned the latest BIND with fully randomized ports!

Exploit required to send more than 130 thousand of requests for the fake records like
131737-4795-15081.blah.com to be able to match port and ID and insert poisoned entry
for the poisoned_dns.blah.com.

# dig @localhost www.blah.com +norecurse

; <<>> DiG 9.5.0-P2 <<>> @localhost www.blah.com +norecurse
; (1 server found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6950
;; flags: qr ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;www.blah.com.                  IN      A

;; AUTHORITY SECTION:
www.blah.com.           73557   IN      NS      poisoned_dns.blah.com.

;; ADDITIONAL SECTION:
poisoned_dns.blah.com.  73557   IN      A       1.2.3.4

# named -v
BIND 9.5.0-P2

BIND used fully randomized source port range, i.e. around 64000 ports.
Two attacking servers, connected to the attacked one via GigE link, were used,
each one attacked 1-2 ports with full ID range. Usually attacking server is able
to send about 40-50 thousands fake replies before remote server returns the
correct one, so if port was matched probability of the successful poisoning is more than 60%.

Attack took about half of the day, i.e. a bit less than 10 hours.
So, if you have a GigE lan, any trojaned machine can poison your DNS during one night...

original source: http://tservice.net.ru/~s0mbre/blog/2008/08/08/

http://milw0rm.com/sploits/2008-dns-bind.tgz
下載地址: 進入下載地址列表
下載說明: ☉推薦使用網際快車下載本站軟件,使用 WinRAR v3.10 以上版本解壓本站軟件。
☉如果這個軟件總是不能下載的請點擊報告錯誤,謝謝合作!!
☉下載本站資源,如果服務器暫不能下載請過一段時間重試!
☉如果遇到什么問題,請到本站論壇去咨尋,我們將在那里提供更多 、更好的資源!
☉本站提供的一些商業軟件是供學習研究之用,如用于商業用途,請購買正版。
[推薦] [評論(0條)] [返回頂部] [打印本頁] [關閉窗口]  
匿名評論
評論內容:(不能超過250字,需審核后才會公布,請自覺遵守互聯網相關政策法規。
 §最新評論:
  熱門軟件
·qwks.cpp(MS03-049)
·ms05039.rar
·fsie.rar
·Serv-U FTP溢出漏洞利用工具
·NBSI2破解版
·MS08-067.rar
·提權大殺器(2010黑帽大會公布的
·Churrasco.zip
·tfn2k.tgz
·SMBdie
·ms04-011.rar
·WinArpAttacker3.50.rar
  相關軟件
·MaxHijack 1.4
·MS08-021_Gdi.tgz
·Churrasco.zip
·Dbshell
·ms08-067.zip
·MS08-067.rar
·ms08-066.rar
·Word Gmail Xss Exp
·smbrelay3.zip
·JCZ3.rar
·prdelka-vs-MS-rshd.tar.gz
·2008-quicktimebof.zip
 
  推薦廣告
CopyRight © 2002-2020 VFocuS.Net All Rights Reserved
期本期特码