|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: Re: BIND 8.2.2.-P3, 0-day exploit
From: Brian McKinney (rizzdogg
NOC.THEWORKS.COM)Date: Thu Apr 27 2000 - 14:41:32 CDT
- Next message: Patrick Oonk: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Previous message: Ex Machina: "Re: Odd snmp scans from 10.0.0.0/8 address ???"
- Maybe in reply to: Patrick Oonk: "BIND 8.2.2.-P3, 0-day exploit"
- Maybe reply: Brian McKinney: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ryan wrote:
>Anyone have one of these scanners that's being used in the wild? Do
>just they do banner scanning, as suggested below, or do they just try the
>exploit regardless? Judging by how many folks here are repoting
>successful owning by the ADMrocks exploit, I would assume that it works
>particularly well, even for the most clueless kiddies.
Heres a bind scanner that i found a while ago. it scans by /16 and /24. and
yes its very easy to use even for the most clueless kiddies.
Brian
here is the source and the binary compiled on freebsd.
- application/octet-stream attachment: bs1
- application/octet-stream attachment: bs.c
- Next message: Patrick Oonk: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Previous message: Ex Machina: "Re: Odd snmp scans from 10.0.0.0/8 address ???"
- Maybe in reply to: Patrick Oonk: "BIND 8.2.2.-P3, 0-day exploit"
- Maybe reply: Brian McKinney: "Re: BIND 8.2.2.-P3, 0-day exploit"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]