Exploit for DNS Cache Poisoning - RELEASED
ganbold at gmail.com
Thu Jul 24 23:16:14 CDT 2008
On Thu, Jul 24, 2008 at 10:32 AM, Tuc at T-B-O-H.NET <ml at t-b-o-h.net> wrote:
> > - -- "Robert D. Scott" <robert at ufl.edu> wrote:
> > >Now, there is an exploit for it.
> > >
> > >http://www.caughq.org/exploits/CAU-EX-2008-0002.txt
> > Now also (mirrored) here:
> > http://www.milw0rm.com/exploits/6122
> > ...and probably a slew of other places, too. ;-)
> The changes the put into metasploit for this don't seem
> to work if running from FreeBSD 5.5, possibly other BSD's and
> versions from talking to the author.
True. On FreeBSD 7.0-STABLE (updated on Fri May 23) it fails to create raw
[-] This module is configured to use a raw IP socket. On Unix systems, only
the root user is allowed to create raw sockets.Please run the framework as
root to use this module.
[*] Attempting to inject poison records for example.com.'s nameservers into
[-] Auxiliary failed: undefined method `sendto' for nil:NilClass
More information about the NANOG