Nmap Development mailing list archives
Re: DNS fuzzer
From: Michael Pattrick <mpattrick () rhinovirus org>
Date: Sat, 27 Mar 2010 03:19:02 -0400
On Fri, Mar 26, 2010 at 8:46 PM, David Fifield <david () bamsoftware com> wrote:
> On Sun, Mar 21, 2010 at 07:28:14PM -0400, Michael Pattrick wrote:
>> I've been playing with Bind10 lately, I wanted to incorporate fuzz testing in the mix but could only find one DNS fuzzer[0]. It didn't really suit my needs and was closed source so I wrote my own. Attached is my fuzzer. It's a very naive fuzzer and hasn't found any flaws yet, so I'd appreciate feedback on it or suggestions on how such a fuzzer could be improved.
>
> Your script needs some more documentation. I can't tell what it does from just looking at it. In your "description" field, explain at a high level what the script is doing and how many packets it's sending.

New version, with docs, attached.

> I understand that since you may be making broken packets, you can't use the dns library for everything, but if you find a place where you can make use of it then you should.

The DNS library doesn't appear to support sending compressed DNS queries. The basic operation of this fuzzer is to induce bit errors. Sort of like the 'dumb fuzzers' described by Charlie Miller and used to win this year's Pwn2Own.

And just to clarify, I don't think this script should be included by default with Nmap. Instead I'm leaving it on the mailing list to be discovered by anyone who needs it.

-M
Attachment:
dns-fuzz.nse
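The bit-error approach described in the message above, as an added example: this is not the attached dns-fuzz.nse and not code from anyone in the thread. It is written in Python rather than NSE Lua, all function names are hypothetical, the sample query is constructed, and nothing is sent on the network; mutated queries are fed to a strict name decoder to show the checks (bounds, reserved label types, compression-pointer loops) that a server under test has to get right.

```python
import random
import struct

def build_query(name, txid=0x1234):
    # Well-formed RFC 1035 query built by hand: header, QNAME, QTYPE=A, QCLASS=IN.
    header = struct.pack(">HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + qname + b"\x00" + struct.pack(">HH", 1, 1)

def flip_bits(packet, nflips, rng, skip=2):
    # Induce nflips single-bit errors; the first `skip` bytes (transaction ID) stay intact.
    buf = bytearray(packet)
    for _ in range(nflips):
        pos = rng.randrange(skip * 8, len(buf) * 8)
        buf[pos // 8] ^= 1 << (pos % 8)
    return bytes(buf)

def read_name(packet, offset):
    # Strict decoder: every read is bounds-checked and pointer loops are rejected.
    labels, seen, total = [], set(), 0
    while offset < len(packet):
        length = packet[offset]
        if length == 0:
            return ".".join(labels)
        if length & 0xC0 == 0xC0:  # compression pointer (two bytes)
            target = int.from_bytes(packet[offset:offset + 2], "big") & 0x3FFF
            if len(packet) < offset + 2 or target in seen:
                raise ValueError("truncated or looping compression pointer")
            seen.add(target)
            offset = target
            continue
        end, total = offset + 1 + length, total + length + 1
        if length & 0xC0 or end > len(packet) or total > 255:
            raise ValueError("reserved label type, overrun, or name too long")
        labels.append(packet[offset + 1:end].decode("latin-1"))
        offset = end
    raise ValueError("name runs past end of packet")

def fuzz_outcomes(seed, rounds):
    # Seeded so a mutation that breaks a parser can be reproduced exactly.
    rng, base = random.Random(seed), build_query("www.example.com")
    out = {"parsed": 0, "rejected": 0}
    for _ in range(rounds):
        try:
            read_name(flip_bits(base, 3, rng), 12)
            out["parsed"] += 1
        except ValueError:
            out["rejected"] += 1
    return out
```

Any exception other than `ValueError` escaping `read_name` during a run would be a decoder bug, which is the kind of result this style of fuzzing is meant to surface.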