«
»

Exploits for Kaminsky’s DNS Cache Poisoning Flaw

By I)ruid

I patched the second Kaminsky told us all to ~15 days ago… did you?

CAU-EX-2008-0002

CAU-EX-2008-0003

Metasploit blog post about these exploits.

This entry was posted on July 23, 2008 at 10:10 pm and is filed under CAU, advisory, exploit, hpavc. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

5 Responses to “Exploits for Kaminsky’s DNS Cache Poisoning Flaw”

  1. Dominic White's .tHE pRODUCT Says:
    July 24, 2008 at 12:25 am

    Kaminsky’s DNS Flaw Exploit has been Released…

    * Kaminsky DNS Cache Poisoning Flaw Exploit for Domains
         – Advisory: http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
         – Exploit: http://www.caughq.org/exploits/2008/bailiwicked_domain.rb

    * Kaminsky DNS Cache Poisoning Flaw Ex…

  2. Hellboy Says:
    September 11, 2008 at 5:20 pm

    Hello, how to make your script work? It can’t find net/dns library

  3. Hellboy Says:
    September 11, 2008 at 5:21 pm

    bailiwicked_domain.rb:2:in `require’: no such file to load — net/dns (LoadError)

  4. I)ruid Says:
    September 12, 2008 at 6:47 pm

    @Hellboy: First, you’ll want to make sure you’re running the latest version of MSF from Subversion, because it includes all the things that these require which are NOT in the stable version. To do this, you’ll need to grab it from the Metasploit Subversion ‘trunk’ repository. You can find details on how to do that here:

    http://www.metasploit.com/framework/download/

    Once you’ve done that, you’ll also automatically have the more recent versions of those modules which will come along with the rest of the trunk source.

  5. qwe Says:
    October 14, 2008 at 9:17 pm

    thanks man

    but please what this mean ?

    check

    [*] Using the Metasploit service to verify exploitability…

    [*] ERROR: This server is not replying to recursive requests

Leave a Reply