« Evilgrade targets insecure software updates | Main | Metasploit author hacked by metasploit DNS tools »

07/28/2008

BailiWicked Metasploit modules updated for automatic tuning

The Metasploit BailiWicked modules for Kaminsky's DNS vulnerabilities have been updated for automatic tuning.

From the Metasploit blog:

The bailiwicked modules (host and domain) were updated today to include the ability to predict the time window between the outgoing request from the target nameserver and the response from the real nameserver(s). This measurement is used to tune the number of spoofed replies sent by the exploit. The result is a big increase in exploit reliability, especially when the target domain has a ton of nameservers (Yahoo has eight) or changes its responsiveness during the test (BIND tends to slow down when it has a full cache). [From BailiWicked Automatic Tuning]

Posted at 05:54 PM in News, Security |

|

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a0120a7f55fc1970b0120a7f59d89970b

Listed below are links to weblogs that reference BailiWicked Metasploit modules updated for automatic tuning:

» Kaminsky DNS vulnerability now in metasploit module form from SNACKFIN.COM
It looks like Dan Kaminsky's DNS vulnerability has been released as a pair of metasploit modules, which means the script kiddies are about to unleash it on the unpatched (so patch already). From the Metasploit Blog: So, on to our... [Read More]

Tracked on 01/20/2010 at 08:36 PM

Comments

Feed You can follow this conversation by subscribing to the comment feed for this post.

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment