DNS exploit code released by Metasploit founder Staff

Metasploit Project founder H.D. Moore released the exploit for the recent DNS cache-poisoning vulnerability via his Metasploit Framework.

The code was released Wednesday, a day after noted reverse engineer Halvar Flake successfully guessed the details of the flaw.

    Requires Free Membership to View

Flake published his findings on his blog, opening up a flood of questions from researchers about the controlled release of the flaw, and the one month delay in announcing the details.

Security researcher Dan Kaminsky announced the discovery of the flaw July 8 when DNS vendors rallied to conduct a massive coordinated patch release. Kaminsky said he wouldn't reveal details of the flaw until his Black Hat presentation in August. Keeping the details a secret would give IT administrators time to deploy the patch, he said.

Experts say that releasing the exploit code via Metasploit almost assures that attacks will take place. The Metasploit Framework is a tool used to conduct security vulnerability research. It allows security pros to test their systems without having to code their own exploits.

A successful DNS attack could happen in seconds. The technique involves overloading the server with requests until a legitimate answer is received. An attacker must redirect the name server to a bogus IP address and dupe the server into believing that the queried domain is legit.

On his Doxpara Research blog, Kaminsky warned administrators to immediately patch their systems.

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: