Views: 4,599 dns2proxy is an offensive DNS server that offers various features for post-exploitation once you’ve changed the DNS server of a victim. It’s very frequently used in combination with sslstrip. Features Traditional DNS Spoofing Implements DNS Spoofing via Forwarding Detects and corrects changes for sslstrip to work Usage Using the spoof.cfg config file with […]
hacking dns
dnsscan – DNS Open Recursive Resolver Scanner/Scanning Tool
Views: 10,226 [ad] Dnsscan is a tool for finger printing open recursive resolvers. It runs in conjuction with a small server that knows how to reply to queries forwarded from probed resolvers. For example, assume that you have delegated osd.example.org:
1 2 |
osd.example.org. 900 IN NS ns1.example.org. ns1.example.org. 900 IN A 10.0.0.1 |
On 10.0.0.1, you would run:
1 |
# ./dnsresponder -Q .osd.example.org |
On the client that initiates the DNS probes, […]
PorkBind v1.3 – Nameserver (DNS) Security Scanner
Views: 7,298 [ad] This program retrieves version information for the nameservers of a domain and produces a report that describes possible vulnerabilities of each. Vulnerability information is configurable through a configuration file; the default is porkbind.conf. Each nameserver is tested for recursive queries and zone transfers. The code is parallelized with libpthread. Changes for v1.3 […]
Exploit for Kaminsky DNS Bug Goes Wild
Views: 26,593 [ad] There has been a lot of hype about this one, but this flaw is a real threat and the working exploits are now available in the wild. To top that, they have already been ported into Metasploit! I hope all the major ISPs are in a patching frenzy right now and not […]
Zodiac – DNS Protocol Monitoring and Spoofing Tool
Views: 9,381 [ad] Zodiac is a DNS protocol analyzation and exploitation program. It is a robust tool to explore the DNS protocol. Internally it contains advanced DNS routines for DNS packet construction and disassembling and is the optimal tool if you just want to try something out without undergoing the hassle to rewrite DNS packet […]