From: Mitino-PTT support (support mitino.ptt.ru)
Date: Mon Aug 20 2001 - 11:24:14 CDT
:))
hehe
really lame
or maybe i don't understand
i think the operating system first looks at the hosts file and then (if not true) makes
a dns query
it's not a bug or vulnerability
it is a feature (which came from ancient times when there was no domain name
system on the Earth)
i think it is not a topic for this list
i can create a zone file for microsoft.com on my ISP master NS server with
an entry like this
www IN A 127.0.0.1
and it will work BUT I WILL NOT WRITE about this in bugtraq !!
forgive me for my bad English, usually i only read bugtraq, but now after this
message i can't be silent ;)
-----Original Message-----
From: .MetsyS. <stf xtra.co.nz>
To: vuln-dev securityfocus.com <vuln-dev securityfocus.com>
Date: 20 August 2001, 20:06
Subject: (lame) spoofing DNS with hosts files...
>Hi everybody,
>
>The recent discussion on the IE bookmark problem made me think of some
>other ways you could force somebody to point their browser somewhere they
>were not intending to.
>
>My apologies if this is already well known and i'm wasting bandwidth.
>(which is probably the case)
>
>You will end up at abcnews.com instead of hotmail.com in this example
>
>Open up your windows host file and add an entry like:
>204.202.136.30 www.hotmail.com
>
>I tested this with Netscape 4.08 Win98SE with proxies turned off.
>
>Now open up your web browser and tell it to go to www.hotmail.com if your
>proxy server settings are not forced you should end up at www.abcnews.com.
>
>I know this is silly, and rather obvious... just remember... this is not
>just limited to the web browser, you're circumventing a DNS lookup.
>
>eg:
>C:\WINDOWS>ping www.hotmail.com
>
>Pinging www.hotmail.com [64.4.44.7] with 32 bytes of data:
>
>Control-C
>C:\WINDOWS>echo 192.168.1.2 www.hotmail.com >> hosts
>
>C:\WINDOWS>ping www.hotmail.com
>
>Pinging www.hotmail.com [192.168.1.2] with 32 bytes of data:
>
>Reply from 192.168.1.2: bytes=32 time=38ms TTL=255
>
>Ping statistics for 192.168.1.2:
> Packets: Sent = 1, Received = 1, Lost = 0 (0% loss),
>Approximate round trip times in milli-seconds:
> Minimum = 38ms, Maximum = 38ms, Average = 38ms
>Control-C
>
>
>Tested the same thing under linux too... no surprises really I spose just
>something to ponder...
>
>Keep a tripwire DB.
>
>One last thing which is kind of off topic... has anybody seen some good
>papers that discuss loose source routing ? and how to set up a packet with
>LSR ?
>
>Suggestions, comments welcome.
>
>.MetsyS.
>
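
The "Keep a tripwire DB" advice in the quoted message, as an added example that is not part of either post: a Python check that parses hosts-file text and diffs it against a trusted baseline, flagging entries that pin a non-local name. The function names, the EXPECTED_LOCAL set and the sample data are assumptions constructed for illustration, and it assumes the first entry for a name is the one the resolver uses.

```python
import ipaddress

# Names expected in a stock hosts file (assumption for this example).
EXPECTED_LOCAL = {"localhost", "localhost.localdomain", "ip6-localhost", "ip6-loopback"}

def parse_hosts(text):
    """Return {hostname: ip}; assumes the first entry for a name wins."""
    mapping = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()   # drop comments, split on whitespace
        if len(fields) < 2:
            continue
        try:
            ip = str(ipaddress.ip_address(fields[0]))
        except ValueError:
            continue                             # skip lines without a valid address
        for name in fields[1:]:                  # one line may carry several aliases
            mapping.setdefault(name.lower().rstrip("."), ip)
    return mapping

def audit_hosts(current_text, baseline_text):
    """Diff the current hosts file against a trusted baseline, tripwire-style."""
    cur, base = parse_hosts(current_text), parse_hosts(baseline_text)
    findings = []
    for name, ip in sorted(cur.items()):
        if name not in base:
            kind = "added"
        elif base[name] != ip:
            kind = "changed"
        else:
            continue
        # A pinned non-local name bypasses DNS for every program on the host.
        overrides_dns = name not in EXPECTED_LOCAL
        findings.append((kind, name, ip, overrides_dns))
    findings += [("removed", n, base[n], False) for n in sorted(base.keys() - cur.keys())]
    return findings

# Constructed sample data: a clean baseline, then the file after the append shown above.
BASELINE = "127.0.0.1 localhost\n"
CURRENT = BASELINE + "192.168.1.2 www.hotmail.com   # appended entry\n"

if __name__ == "__main__":
    for finding in audit_hosts(CURRENT, BASELINE):
        print(finding)
```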