DNS


Nmap discovered a DNS server running on the target's port 53. The service is dnsmasq 2.76.

Reverse Lookup


┌──(kali㉿kali)-[~/archive/htb/labs/mirai]
└─$ nslookup              
> server 10.10.10.48
Default server: 10.10.10.48
Address: 10.10.10.48#53
> 127.0.0.1
;; communications error to 10.10.10.48#53: timed out
1.0.0.127.in-addr.arpa	name = localhost.
> 10.10.10.48
** server can't find 48.10.10.10.in-addr.arpa: NXDOMAIN

The reverse lookup for 10.10.10.48 failed with NXDOMAIN; only 127.0.0.1 resolved, to localhost.

Vulnerability


┌──(kali㉿kali)-[~/archive/htb/labs/mirai]
└─$ searchsploit dnsmasq 2.76
----------------------------------------------------- ---------------------------------
 Exploit Title                                       |  Path
----------------------------------------------------- ---------------------------------
Dnsmasq < 2.78 - 2-byte Heap Overflow                | multiple/dos/42941.py
Dnsmasq < 2.78 - Heap Overflow                       | multiple/dos/42942.py
Dnsmasq < 2.78 - Information Leak                    | multiple/dos/42944.py
Dnsmasq < 2.78 - Integer Underflow                   | multiple/dos/42946.py
Dnsmasq < 2.78 - Lack of free() Denial of Service    | multiple/dos/42945.py
Dnsmasq < 2.78 - Stack Overflow                      | multiple/dos/42943.py
----------------------------------------------------- ---------------------------------
shellcodes: No Results
papers: No Results

dnsmasq 2.76 is older than 2.78, so it falls in range of the buffer overflow entries above (heap and stack). Searchsploit lists six exploits for it, all under multiple/dos.
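
From the defender's side, the same version match can be run over a service inventory. The following is an added example, not part of the original write-up: the sample lines are constructed, the function names and verdict labels are hypothetical, and the 2.78 threshold comes from the searchsploit titles above. A banner match only shows that the version is in range; distribution packages can carry backported fixes under an older upstream version number, so those are flagged for review instead.

```python
import re

# Threshold from the searchsploit titles on this page ("Dnsmasq < 2.78").
FIXED_IN = (2, 78)

# Accepts "dnsmasq 2.76", "dnsmasq-2.80", "dnsmasq 2.76-5+deb9u1", "dnsmasq 2.78rc1".
BANNER_RE = re.compile(r"dnsmasq[\s\-/]+v?(\d+)\.(\d+)(\S*)", re.IGNORECASE)

def triage(banner):
    """Classify one service banner (hypothetical helper, labels are this example's own)."""
    m = BANNER_RE.search(banner)
    if m is None:
        return "not-dnsmasq"
    version = (int(m.group(1)), int(m.group(2)))
    suffix = m.group(3)
    if version > FIXED_IN:
        return "fixed"
    if version == FIXED_IN:
        # A pre-release tag on 2.78 cannot be ordered against the final release
        # from the banner alone, so it is sent for manual review.
        return "verify" if re.match(r"(rc|test)", suffix, re.IGNORECASE) else "fixed"
    # Older upstream version. A packaging revision ("-5+deb9u1") means a distro
    # build, which may carry backported fixes: check the package changelog.
    return "verify" if re.match(r"-\d", suffix) else "in-range"

def audit(lines):
    """Return (line, verdict) pairs for every dnsmasq banner found."""
    results = []
    for line in lines:
        verdict = triage(line)
        if verdict != "not-dnsmasq":
            results.append((line, verdict))
    return results

# Constructed sample inventory in nmap service-line style.
SAMPLE = [
    "53/tcp open  domain  dnsmasq 2.76",
    "53/tcp open  domain  dnsmasq 2.76-5+deb9u1",
    "53/udp open  domain  dnsmasq 2.80",
    "53/tcp open  domain  dnsmasq 2.78rc1",
    "53/tcp open  domain  ISC BIND 9.11.3",
]

if __name__ == "__main__":
    for line, verdict in audit(SAMPLE):
        print(f"{verdict:9} {line}")
```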