Andres Tarasco - (c) 2007
Url: http://www.514.es
By default, most Microsoft DNS servers integrated with active directory allowinsecure dynamic updates for dns records. This feature allows remote users to create, change and delete DNS records.
There are several attack scenarios:
- MITM attacks: Changing dns records for the network proxy and relay HTTP queries. This attack vector is the most reliable and also allows us to exploit automatic updates for most Windows software, by deploying custom binaries to the client.
- Denial of service: by deleting / changing critical dns records
- Pharming: like mitm attacks, poisoning several dns records.
dnsfun exploits that weak configuration and allows remote users to modify dns records.
No comments:
Post a Comment