Vulnerability Development mailing list archives

Re: NSLOOKUP.EXE

From: Blue Boar <BlueBoar () thievco com>
Date: Thu, 20 Mar 2003 13:06:33 -0800

Patrick Webster wrote:

Can you do anything interesting with this?:

C:\>nslookup
Default Server:  dns.server.net
Address:  111.222.333.444

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA


AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

Gives error: memory can't be "read" - 0x414141 (aka A).

If you have to manually type all the A's, then probably not. Maybe ifsomeone did something silly like make a CGI script that calls nslookup.exedirectly with user input.


What OS are you testing on?  It looks like it's fixed in XP:

C:\winxp\system32>nslookup
Default Server:  dns1.snfcca.sbcglobal.net
Address:  206.13.28.12

>AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
*** Input is too long
>


                                        BB

Current thread:

NSLOOKUP.EXE Patrick Webster (Mar 20)
- Re: NSLOOKUP.EXE Blue Boar (Mar 20)
  - RE: NSLOOKUP.EXE Brett Moore (Mar 21)
  - Re: NSLOOKUP.EXE Ryan Yagatich (Mar 21)
- Re: NSLOOKUP.EXE K. K. Mookhey (Mar 23)
  - RE: NSLOOKUP.EXE Brett Moore (Mar 23)
  - Re: NSLOOKUP.EXE Marcos D. Marado Torres (Mar 24)
- <Possible follow-ups>
- RE: NSLOOKUP.EXE Patrick Webster (Mar 20)
  - RES: NSLOOKUP.EXE Cleber P. de Souza (Mar 21)
  - Re: NSLOOKUP.EXE Nexus (Mar 21)
- RE: NSLOOKUP.EXE Sillari Andrea (Mar 21)
- Re: NSLOOKUP.EXE Filip Maertens (Mar 21)

(Thread continues...)