DNS domain transfer loophole --vulhub vulnerability reproduce 007

Others 2020-01-20 19:25:08 views: null

Preface:

Vulhub is based on a set of environmental vulnerability and docker docker-compose, and enter the corresponding directory and execute a statement to start a new loophole environment for vulnerabilities easier to reproduce, so security vulnerability researchers to focus more on the principle itself.

Voulhub drone platform environment to build and use:

https://blog.csdn.net/qq_41832837/article/details/103948358

table of Contents:

Vulnerabilities principle

DNS server is divided into the main server, from the (backup) server, the cache server. DNS protocol supports axfr type of recording zone transfers, to solve the problem of the master-slave synchronization. If the administrator when configuring the DNS server is no limit to allow sources to obtain records, will cause the DNS domain transfer vulnerabilities, exploits can obtain all records for a domain.

Vulnerability Details

Affected: support axfr recorded version, such as bind9

DNS server using the domain transfer function, the data from the master to achieve synchronization purposes. Domain transmission key configuration item to: allow-transfer, allow-transfer parameter configuration item allows to achieve the limit of the effect of the source of acquisition records. After bind9 default installation, configuration item is no allow-transfer, so if you do not manually add items allow-transfer, the transfer will exist dns domain vulnerability.

Vulnerability reproduction

After starting the environment, it will listen port 53, DNS protocol supports both TCP and UDP ports from the two data transmission. Because it involves a port number below 1024, you may need to run the above command with root privileges.

1, kali dns transmission request command using the dig, obtaining the domain name on the target vulhub.com A recording server dns

dig @192.168.232.135 vulhub.org

Here Insert Picture Description
2, the transmission request dns type axfr

dig @192.168.232.135 -t axfr vulhub.org

Here Insert Picture Description
Successfully acquired the vulhub.org all subdomains record

END

Accumulated a little each day, eventually burst out one day a powerful force. I jammny, like the point of a praise! Add attention to it! Continuously updated vulhub vulnerabilities recurring series.

jammny
Published 20 original articles · won praise 53 · views 10000 +
Private letter concerns

Guess you like

Origin blog.csdn.net/qq_41832837/article/details/104055068
Recommended
Ranking
ElasticSearch-- data modeling best practices
Permission Maintenance - Shadow User Backdoor
Refactor the code using MVP mode
Quantitative investment-fundamental model-PVC multi-factor model
Spark Big Data Processing Lecture Notes 3.2 Mastering RDD Operators
Blazor page components (2)
Erlernen von Kenntnissen zur Android-Entwicklung – Kodierung, Verschlüsselung, Hash, Serialisierung und Zeichensätze
About Qi high in JAVA study notes SORM summary detailed personal explanation
Will you calculate the accuracy of the rope displacement sensor in the measurement?
OPENJTAG debugging learning (3): debugging using the gdb command line
Daily
More
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)
2024-04-27(29)
2024-04-26(22)
2024-04-25(32)
2024-04-24(30)
2024-04-23(30)
2024-04-22(5)

Code World

© 2018 codetd.com