module
BIND TKEY Query Denial of Service
| Disclosed | Created |
|---|---|
| 07/28/2015 | 05/30/2018 |
Disclosed
07/28/2015
Created
05/30/2018
Description
This module sends a malformed TKEY query, which exploits an
error in handling TKEY queries on affected BIND9 'named' DNS servers.
As a result, a vulnerable named server will exit with a REQUIRE
assertion failure. This condition can be exploited in versions of BIND
between BIND 9.1.0 through 9.8.x, 9.9.0 through 9.9.7-P1 and 9.10.0
through 9.10.2-P2.
error in handling TKEY queries on affected BIND9 'named' DNS servers.
As a result, a vulnerable named server will exit with a REQUIRE
assertion failure. This condition can be exploited in versions of BIND
between BIND 9.1.0 through 9.8.x, 9.9.0 through 9.9.7-P1 and 9.10.0
through 9.10.2-P2.
Authors
Jonathan Footethrowawayokejxqbbifwvu
References
Module Options
To display the available options, load the module within the Metasploit console and run the commands ‘show options’ or ‘show advanced’:
msf > use auxiliary/dos/dns/bind_tkey
msf /(y) > show actions
...actions...
msf /(y) > set ACTION < action-name >
msf /(y) > show options
...show and set options...
msf /(y) > run
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.