Exploits for Kaminsky’s DNS Cache Poisoning Flaw

I patched the second Kaminsky told us all to ~15 days ago… did you?

CAU-EX-2008-0002

CAU-EX-2008-0003

Metasploit blog post about these exploits.

Advertisements

5 Responses to “Exploits for Kaminsky’s DNS Cache Poisoning Flaw”

  1. Dominic White's .tHE pRODUCT Says:

    Kaminsky’s DNS Flaw Exploit has been Released…

    * Kaminsky DNS Cache Poisoning Flaw Exploit for Domains
         – Advisory: http://www.caughq.org/exploits/CAU-EX-2008-0003.txt
         – Exploit: http://www.caughq.org/exploits/2008/bailiwicked_domain.rb

    * Kaminsky DNS Cache Poisoning Flaw Ex…

  2. Hellboy Says:

    Hello, how to make your script work? It can’t find net/dns library

  3. Hellboy Says:

    bailiwicked_domain.rb:2:in `require’: no such file to load — net/dns (LoadError)

  4. I)ruid Says:

    @Hellboy: First, you’ll want to make sure you’re running the latest version of MSF from Subversion, because it includes all the things that these require which are NOT in the stable version. To do this, you’ll need to grab it from the Metasploit Subversion ‘trunk’ repository. You can find details on how to do that here:

    http://www.metasploit.com/framework/download/

    Once you’ve done that, you’ll also automatically have the more recent versions of those modules which will come along with the rest of the trunk source.

  5. qwe Says:

    thanks man

    but please what this mean ?

    check

    [*] Using the Metasploit service to verify exploitability…

    [*] ERROR: This server is not replying to recursive requests

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: