Code Monkey home page Code Monkey logo

Comments (5)

GoogleCodeExporter avatar GoogleCodeExporter commented on August 27, 2024 
I'm looking into the issue, and it is reproducible. Based on my initial 
testing, this looks like a bug in Rebind; the code will likely have to be 
updated to explicitly handle queries with the OPT flag set.

Original comment by [email protected] on 7 Aug 2010 at 8:37

from rebind.

GoogleCodeExporter avatar GoogleCodeExporter commented on August 27, 2024 
Update: I've confirmed that this is a bug in the Rebind DNS server. With OPT 
set in the DNS request, Rebind places the OPT response in the Answers section 
instead of the Additional Records section of the DNS response packet. This 
makes the second IP address (that of the victim IP) appear as part of the 
Additional Records section.

Original comment by [email protected] on 7 Aug 2010 at 8:48

from rebind.

GoogleCodeExporter avatar GoogleCodeExporter commented on August 27, 2024 
Bug fixed. DNS responses for dnssec and non-dnssec lookups both report the 
correct IP addresses in the answer section:

##########################################################################
user@machine:~$ dig @<rebind IP> wacme.attacker.com
##########################################################################

; <<>> DiG 9.7.0-P1 <<>> @<rebind IP> wacme.attacker.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5352
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;wacme.attacker.com.            IN  A

;; ANSWER SECTION:
wacme.attacker.com.     5   IN  A   <rebind IP>
wacme.attacker.com.     5   IN  A   <target IP>

;; Query time: 47 msec
;; SERVER: <rebind IP>#53(<rebind IP>)
;; WHEN: Sat Aug  7 19:47:19 2010
;; MSG SIZE  rcvd: 62

##########################################################################





##########################################################################
user@machine:~$ dig @<rebind IP> wacme.attacker.com +dnssec
##########################################################################

; <<>> DiG 9.7.0-P1 <<>> @<rebind IP> wacme.attacker.com +dnssec
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 30948
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags: do; udp: 4096
;; QUESTION SECTION:
;wacme.attacker.com.            IN  A

;; ANSWER SECTION:
wacme.attacker.com.     5   IN  A   <rebind IP>
wacme.attacker.com.     5   IN  A   <target IP>

;; Query time: 47 msec
;; SERVER: <rebind IP>#53(<rebind IP>)
;; WHEN: Sat Aug  7 19:47:22 2010
;; MSG SIZE  rcvd: 73

##########################################################################

Code changes should also enable Rebind to handle other types of DNS requests 
that have Additional sections.

Original comment by [email protected] on 8 Aug 2010 at 12:16

  • Changed state: Fixed

from rebind.

GoogleCodeExporter avatar GoogleCodeExporter commented on August 27, 2024 
Perfect, can't reproduce this issue with version 0.3.3 any more on ISP's DNS.

Thanks

Original comment by [email protected] on 8 Aug 2010 at 1:10

from rebind.

GoogleCodeExporter avatar GoogleCodeExporter commented on August 27, 2024 
Awesome, thanks for the bug report and verification. Marking bug as verified.

Original comment by [email protected] on 8 Aug 2010 at 1:17

  • Changed state: Verified

from rebind.

Related Issues (4)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.