A simple lab to perform the Kaminsky's cache poisoning attack

m4ttless/DNS-Kaminsky-Attack

DNS-Kaminsky-Attack

This repository contains the DNS-Kaminsky-Attack code.

The goal of this lab is to show how to exploit the DNS vulnerability found by Dan Kaminsky in 2008. This vulnerability allowed attackers to poison the DNS cache and redirect users to malicious servers.
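The resolver-side view of this poisoning, as an added example that is not part of the repository: forged replies have to guess the 16-bit transaction ID of an outstanding query, so a burst of wrong-ID responses for one name is the signal to count. The event tuples, the function name, the sample names and the threshold are assumptions made for illustration.

```python
from collections import defaultdict

# Constructed sample events (not captured from the lab), in arrival order:
#   ("Q", qname, txid) -> the resolver sent a query upstream
#   ("R", qname, txid) -> a response arrived claiming to answer qname
# Source IP is deliberately ignored: forged replies carry the real
# authoritative server's address, so only the transaction ID tells them apart.
EVENTS = [
    ("Q", "www.example.test", 0x1A2B), ("R", "www.example.test", 0x1A2B),
    ("Q", "q8431.bank.example.test", 0x7C01),
    ("R", "q8431.bank.example.test", 0x0001),
    ("R", "q8431.bank.example.test", 0x0002),
    ("R", "q8431.bank.example.test", 0x0003),
    ("R", "q8431.bank.example.test", 0x0004),
    ("R", "q8431.bank.example.test", 0x0005),
    ("R", "q8431.bank.example.test", 0x7C01),
    ("Q", "mail.example.test", 0x3344),
    ("R", "mail.example.test", 0x9999), ("R", "mail.example.test", 0x3344),
]

def detect_txid_flood(events, threshold=3):
    """Return names that received more than `threshold` wrong-TXID responses.

    For each such name, also report whether a matching response was accepted
    after the flood had already crossed the threshold; that answer cannot be
    trusted and the cached records for the zone should be flushed.
    """
    outstanding = {}            # qname -> txid of the query awaiting an answer
    wrong = defaultdict(int)    # qname -> responses with a non-matching txid
    hit_after_flood = set()     # names answered only after a flood
    for kind, qname, txid in events:
        if kind == "Q":
            outstanding[qname] = txid
        elif outstanding.get(qname) == txid:
            del outstanding[qname]          # answered; later replies are unsolicited
            if wrong[qname] > threshold:
                hit_after_flood.add(qname)
        else:
            wrong[qname] += 1               # wrong guess or unsolicited reply
    return {q: {"wrong_txid": n, "answer_accepted_after_flood": q in hit_after_flood}
            for q, n in wrong.items() if n > threshold}

if __name__ == "__main__":
    for name, info in detect_txid_flood(EVENTS).items():
        print(name, info)
```

Unbound implements the same counting idea as its `unwanted-reply-threshold` option, which clears the cache when the count of unwanted replies is exceeded.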

Scenario

[BankOfAllan.co.uk] <----------> [dns VM] <----------> [Attacker (badguy.ru)]

Configuration

To run this lab and perform the attack, the DNS VM must first be configured as described below.

The VM can be downloaded here.

Once logged in as root:thisisdns, first configure the .json file as shown below and set the default gateway, so that the FLAG can be received once the poisoning is successful.

Default gw

route add default gw <attacker-IP>

config.json

{
  "localIP": "<dns-IP>",
  "localDNSport": 53,
  "badguyIP": "<badguy-IP>",
  "badguyDNSport": 55553,
  "secret": "<thisIsTheSecret>"
}

Run

python3 attack.py

References

https://unixwiz.net/techtips/iguide-kaminsky-dns-vuln.html
