Attack Code Published For DNS Vulnerability

get_Rootin writes "That didn't take long. ZDNet is reporting that HD Moore has released exploit code for Dan Kaminsky's DNS cache poisioning vulnerability into the point-and-click Metasploit attack tool. From the article: 'This exploit caches a single malicious host entry into the target nameserver. By causing the target nameserver to query for random hostnames at the target domain, the attacker can spoof a response to the target server including an answer for the query, an authority server record, and an additional record for that server, causing target nameserver to insert the additional record into the cache.' Here's our previous Slashdot coverage."

Google

[bdasd5]

And here I am, thinking I was on Google.

The Book Of Internets, Chapter Three, Verse Twelve

[Aussenseiter]

And lo, all unpatched websites were rendered unto Goatse.

DNS sploit result

[hostyle]

%> /usr/bin/treaceroute fruity.stuff

traceroute to fruity.stuff (1.2.3.4), 30 hops max, 42 byte packets
evil bit detected. re-routing ...

I know

[Daimanta]

I exploited this and let a huge cache of people visit my site(127.0.0.1) in stead of the site they wanted to go. It was kickass.

Re:CONFIRMED: Steve Jobs has AIDS !!

[DurendalMac]

For fuck's sake, whoever is DDoSing 4chan needs to stop already! The tards have spread out and are trolling the whole internet. At least the 4chan cesspool kept them all mostly in one place. Now they're left with nowhere to go and are taking their idiocy all over the internet!

Re:Here we go...

[Vectronic]

"And I can hear just about any song I ever would want to hear in less than a minute."

Shit, you should check out some of the songs that are longer than a minute, there's some good ones out there, but, yes...those quick little punk ditties are good too.

Guess now there's no need

[al0ha]

to watch the Black Hat DNS vulnerability webcast tomorrow. My only question is, what took so long?

Re:Here we go...

[Mordok-DestroyerOfWo]

Maybe he just speeds them up so they fit to a nice round minute. I for one would love to hear Freebird sped up so it lasts a minute.

Re:DNS Glue poisoning was already known...

[harlows_monkeys]

That's not the attack. Try again.

Re:More edifying than TFA's script

[PRMan]

This link is in French. I'd rather read scripts. At least they're in Geek.

Re:I know

[Anonymous Coward]

HAHA, fool! now that I know your ip address, I shall soon hack you into oblivion!

Re:I know

[Anpheus]

Don't worry, I just disabled his intern

[CARRIER LOST]

Re:And the "fix" isn't

[pfleming]

Setec Astronomy

Re:Here we go...

[ILuvRamen]

And also a solar storm can knock out the entire internet and power grid. And at any time we can be hit by a gamma ray burst or a black hole from the LHC can suck us all up. Yeah, internet security is never going to be 100%, DUH! Is it really even worth mentioning?

Re:Here we go...

[MadMidnightBomber]

Can someone please send me the HOSTS file for the Internet?

kthxbye

Re:CONFIRMED: Steve Jobs has AIDS !!

[Ant P.]

The idea of /b/ spreading outside of 4chan terrifies me more than the thought that my DNS might get hijacked, TBH.

Re:Help Please

[totally bogus dude]

Unfortunately it.slashdot.org has already been poisoned; you actually posted that request to an elaborate mock-up of the real slashdot, and the replies are coming from l33t hackers who are supplying you with false DNS servers which currently appear to work correctly.

You'd best disconnect from the internet and burn your computer. It's the only way to be sure.