DNS Lookup Result Comparison
This module can be used to determine differences in the cache entries between two DNS servers. This is primarily useful for detecting cache poisoning attacks, but can also be used to detect geo-location loadbalancing.
Rank
- Normal
Authors
- hdm < hdm [at] metasploit.com >
Development
Similar Modules
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/spoof/dns/compare_results
msf auxiliary(compare_results) > set TARGDNS [ADDRESS]
msf auxiliary(compare_results) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/spoof/dns/compare_results
msf auxiliary(compare_results) > set TARGDNS [ADDRESS]
msf auxiliary(compare_results) > run
Module Options
| BASEDNS | The DNS cache server to use as a baseline (default: 4.2.2.3) |
| CHECK_ADDITIONAL | Set this to true to verify additional records |
| CHECK_AUTHORITY | Set this to true to verify authority records |
| NAMES | The list of host names that should be tested (comma separated) (default: www.google.com,www.yahoo.com,www.msn.com) |
| TARGDNS | The DNS cache server to test |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |