CYBER MONGOL
  • Our Journey
  • ASATA
  • Human-Machine Teaming
  • Operator Research
  • Offensive Intelligence
  • Our Journey
  • ASATA
  • Human-Machine Teaming
  • Operator Research
  • Offensive Intelligence
Search by typing & pressing enter

YOUR CART

1/26/2021 0 Comments

DNSpooq PoC - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

Picture
Sensors have ingested an exploit PoC that targets:
“7 vulnerabilities found in dnsmasq, an open-source DNS forwarding software in common use. Dnsmasq is very popular, and we have identified approximately 40 vendors whom we believe use dnsmasq in their products, as well as major Linux distributions.” Potential Impact “includes DNS cache poisoning, remote code execution and others. According to our internet-based research, prominent users of dnsmasq seem to include Cisco routers, Android phones, Aruba devices, Technicolor, and Red-Hat, as well as Siemens, Ubiquiti networks, Comcast.” - www.jsof-tech.com
 
PoC:
https://github.com/knqyf263/dnspooq
 
Blog:
https://www.jsof-tech.com/disclosures/dnspooq/
 
Paper:
https://www.jsof-tech.com/wp-content/uploads/2021/01/DNSpooq-Technical-WP.pdf
 
#cyberthreatintelligence #infosec #cybersecurity #informationsecurity #threatintelligence #networksecurity #sec #security #tools #offensivesecurity #pentesting #redteam #blueteam
0 Comments



Leave a Reply.

    Archives

    March 2021
    February 2021
    January 2021

    RSS Feed

contact us:
© COPYRIGHT 2015. ALL RIGHTS RESERVED.