Results 1 to 6 of 6

Thread: About the famous DNS vulnerability.

  1. 08-18-2008, 04:44 PM #1
    imported_demente
    imported_demente is offline
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    12

    Talking About the famous DNS vulnerability.

    Hi guys,
    is there a tool or script that checks if a determined server is vulnerable??

    Vulnerability Description
    hxxp://xxx.kb.cert.org/vuls/id/800113

    i know that are some webpages that claims to do the check, like
    xxx.dnsstuff.com/, xxx.doxpara.com/ and hxxp://entropy.dns-oarc.net/test/

    But the servers that i need to check (and patch if necesary) have no access to internet (blocked by ACL) and only respond to ssh (for admin) and udp 53 (dns). So i cannot check on this servers using a web page.

    So, am searching for a tool that i can execute in the same vlan where the servers are (lan acces to the servers) for have a trustworthie result.
    the plataform could be linux or win, there is no problem with that.

    Something like sh dnscheck -i eth1 10.10.10.1-50 -o Report.txt

    Thanks!!!
  2. 08-18-2008, 06:54 PM #2
    imported_wyze
    imported_wyze is offline
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Default

    Quote Originally Posted by demente View Post
    Hi guys,
    is there a tool or script that checks if a determined server is vulnerable??

    Vulnerability Description
    hxxp://xxx.kb.cert.org/vuls/id/800113

    i know that are some webpages that claims to do the check, like
    xxx.dnsstuff.com/, xxx.doxpara.com/ and hxxp://entropy.dns-oarc.net/test/

    But the servers that i need to check (and patch if necesary) have no access to internet (blocked by ACL) and only respond to ssh (for admin) and udp 53 (dns). So i cannot check on this servers using a web page.

    So, am searching for a tool that i can execute in the same vlan where the servers are (lan acces to the servers) for have a trustworthie result.
    the plataform could be linux or win, there is no problem with that.

    Something like sh dnscheck -i eth1 10.10.10.1-50 -o Report.txt

    Thanks!!!
    Yes: Metasploit does this with Baliwicked tool, which can be found in auxiliary with an update 3.2 Metasploit

    More info here: http://blog.metasploit.com/2008/07/bailiwicked.html
    dd if=/dev/swc666 of=/dev/wyze
  3. 08-18-2008, 11:37 PM #3
    imported_demente
    imported_demente is offline
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    12

    Default

    Excelent!! Thank you wyze!!! am reading the blog right now!!!!
    Tomorrow at first light i will be checking those servers!!!
  4. 08-19-2008, 06:07 PM #4
    caturix
    caturix is offline
    Just burned his ISO
    Join Date
    Feb 2006
    Posts
    11

    Default DNS vuln

    You can also check it deom Dan Kaminsky's site. That is if the server you want to check is accepting requests from the outside and you just want a quick and easy answer.

    url not posted because of my limited message history.
  5. 08-19-2008, 07:12 PM #5
    imported_demente
    imported_demente is offline
    Just burned his ISO
    Join Date
    Jun 2006
    Posts
    12

    Default

    Thanks caturix, but as i said before the servers have no access to internet (blocked by ACL), so i cannot use any webpage to check them, but thanks anyway men!
  6. 08-31-2008, 09:38 AM #6
    caturix
    caturix is offline
    Just burned his ISO
    Join Date
    Feb 2006
    Posts
    11

    Default oops

    heh. I must have been drunk when I responded. I don't remember reading (or in this case) misreading your post.
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules