CoCalc -- dns

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
Path: blob/master/documentation/modules/auxiliary/scanner/dns/dns_amp.md
Views: ¹⁹⁰⁴

Vulnerable Application

This module can be used to discover DNS servers which expose recursive name lookups which can be used in an amplification attack against a third party.

BIND 9.4.1-P1: source Ubuntu 7.10: Gutsy Gibbon

Verification Steps

Start msfconsole
Do: use modules/auxiliary/scanner/dns/dns_amp
Do: set DOMAINNAME [domain]
Do: set RHOST [ip]
Do: run

Scenarios

A run on Ubuntu 7.10 (Gutsy Gibbon) and BIND 9.4.1-P1

msf > use modules/auxiliary/scanner/dns/dns_amp
msf auxiliary(scanner/dns/dns_amp) > set DOMAINNAME domain.com
  DOMAINNAME => domain.com
msf auxiliary(scanner/dns/dns_amp) > set RHOSTS 192.168.10.254
  RHOSTS => 192.168.10.254
msf auxiliary(scanner/dns/dns_amp) > run
  [*] Sending DNS probes to 192.168.10.254->192.168.10.254 (1 hosts)
  [*] Sending 70 bytes to each host using the IN ANY domain.com request
  [+] 192.168.10.254:53 - Response is 374 bytes [5.34x Amplification]
  [*] Scanned 1 of 1 hosts (100% complete)
  [*] Auxiliary module execution completed

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

Vulnerable Application

Verification Steps

Scenarios

A run on Ubuntu 7.10 (Gutsy Gibbon) and BIND 9.4.1-P1

Product

Resources

Company