BIND vulnerability test program..

Joshua J. Drake (drake1@CPS.CMICH.EDU)
Fri, 10 Apr 1998 00:17:56 -0400

This message is in MIME format. The first part should be readable text,
while the remaining parts are likely unreadable without MIME-aware tools.
Send mail to mime@docserver.cac.washington.edu for more info.

--Boundary_(ID_pU6VHaPozY7JPEv+kHnuGQ)
Content-type: TEXT/PLAIN; charset=US-ASCII

Attached is a program written to test for vulnerability to the fake
inverse query overflow problem. If the person has a new version of bind
(the versions suggested in the CERT advisory) it will still say they are
vulnerable. The only true way to test for vulnerability remotely is to
try to crash or exploit the server.

So, in a nutshell, this program will tell you if the remote host has
their fake-iquery option turned on.

Joshua J. Drake
(scribbly handwriting here)
jdrake@pulsar.net
http://www.cps.cmich.edu/student/drake1/

--Boundary_(ID_pU6VHaPozY7JPEv+kHnuGQ)
Content-id: <Pine.NEB.3.96.980410001756.24208B@ns1.cps.cmich.edu>
Content-type: APPLICATION/octet-stream; name=boft.tar.gz
Content-description:
Content-disposition: ATTACHMENT; FILENAME=boft.tar.gz
Content-transfer-encoding: BASE64

H4sICGOdLTUCA2JvZnQudGFyAO0Za1PbSJKv6Fd0nM1GMrYsv8heHLhlCUnY
IyQH5Kqu2JRrLI2RDnnG0YzIerP579c9GtmyMb79cKTqbpkqLKm7p6ff3RIj
OW5t3fMKgl7wLAjw2mn3Ort4xdXtFNdibQW7/Xa3297tG3i70+/3tvpb32Dl
SrMMj4wyds3bd9MpnUdc6A1KonoodKHP7tb/yBqh//GvqbnSfnhP/m+jQe70
fzvotbsL/weEb/d6PcQ/+P/eV6vuAAB5X0Eyhps8FTxjo5SDliBveDZO5WcY
ywxGiYjAnWYcfvDbfgda0PP/4v/ggWATHhEXulE8w00wQbNCzG44jNGszeRT
zrMZyKlOpACdZ4JHIAVt+pwlWnMBSqY8ncFoBj9LFecMfvbhJfkE3H8Z3/w4
zVPFMl9w7Tn1luO06pDKkKWgZ1MOiQhT9JACRD22D/BC6SiRfrxfAeUiQegy
DAFpMlqBJVeCpcswnUz46s4sEVfLsJAEIhBKiNJ+ltn1RhlnqkVotcIZwUqG
11wvw5Fjgn+tRCzDWTZlLcKsAVvP3GIUGZ2dG5lE6C0RpXzIUpZNXG/gJEKj
feV1Ph3GUmkCGTqmNQuvhxQOJdkE3TO85rPptS5BiotoOGUkfgm64noFsog2
ghj2zoQlwmXZVdgA/L3xKEaIlkADeghjlkGdcJcfB84XAqET8hDPRGuxKMqG
iYCMIUPaOgbDDR7tQccwA/hSXACm6Ds9dmu5Ylf8OTxR8IJU3f9F1IrTL4OP
3qCkzjgFrn38WjJ/VLXR9xmzG9sfG3B68Pbo/OjsH0dnw/fvzi48e3yVkcrQ
6i6FlXv64eTEK06rmjhjCPvqkL2c6lF0UiwakE29O0xQJxvMDRYXB+aC4hqz
T8Uy07jbmjBjzX2ViOGYTRJMwz04eDU8Pj26GFSRU9qyB7GWQrl48KA0gltS
0Nm+MhckpGg0924sPA/29qDZnvtg24pM2mBhRQk5umzbsIs57sZ4IdxoRtFb
cEAnuqvbPGM4Z9vwNLwnfBJOZ+SMW0KhzXhzP7b3PdRgu+ISaJvnr842TxU3
qJhnmczc2gdRFsWMY6nCwkYCkGQ1rxoSZiOs8Fw8BMaXJtBXnLwhjr+UOaCi
BmCOpVwsHFuk3WW/3cGIS8QoH9v7jIS77PR3Pw4qvJetXbpPRWjvoti41vEN
OH93+Lfh+cXZ0cHbBgS3/Te1pgmZEFJjcccqrsOp5UNm2b6dMmXKHUoheIiV
7IpsWukcNwmDi8P3vm/tOh6nuYrR65HMdQEqKrN7fvz64OQMZatWLptApoi1
+4sIDYvzXDKhu2JnjCGTuCr5jcsxOeNOXRdhYBkaNcNUKo6sN6vsR1JwH2tL
VcbAq7hhOexN4rhF9pKAfhnLFUnnMK9RZmwh/F1pUoSmsjKZGGlA7YmqNYps
FVqyJb6FsJWwRsaC0svuLfKpuC/FoifPKlbEK+pVbRLFZeGdR9V2QS4qCMpo
X1c5zbZKS6FdJvwb8L3dBb//Xh7/Yg8jeD2TShMy++eHlX7DtpCoSq/yTXso
lFw1zvIeSosN+yphUxaFpSasxLz7KWHLwCJq1iQC3gxfvjopkKUot0L2OZTJ
R7MYth4cxXI9j0v+a6LNAbbpVP2Gf2ShRVcpAFa2N0cHL4/OoB4JFVc6z1RT
LygprULzsAiW21IqqSLoFDFdfCF4tgZ7q7nUcBz1u36vZkMO67/ipbBYuuaB
acUnMhzNxkmKsyPmHMqLYcwirD44mCEDUgBPcEuFPFRhUCKa+0m0vT3vgtS/
vSe7/X7XVpuC5lNGNEEFIqehjDhBj//+4ejsnxUUY6vEOlyFZObQdhXCViG5
yBWP7E7UMOMTHOEjM75T72ajJE30DNxEP1XwG88kxlOGms+8BZPpXPKFMfCw
UviqTJ+iUOZCz40RVC3AxDKyXUUKtWlnthZpQ2Znr3Rn4R6LxCBbg0Ej6Dgx
yWg8LWm8NO0GXMzOmPoPtnjuWWXrLjLa2cESCk9/CZ5Wzt3ZGcyDBtPFsMNR
APveuLgvg+f9h4vzNzjuuRfDgwbJVQg4Bx9ilV6Gn7w7fe1izK+j7q0hLXrA
HGxV760YCbt6YQwz6aGC0PVgp7QQZRI99mzO2PmknC5s7q+W5TKlbIHdNJcs
lwYD0pPpJU0mdbwxGWVePc092htvllUvODYsxaJZ0BsjN+IgpoFTvZntqdgv
MCuCEkVF5qWWbjbha2qS8qgytNhAtz18MctZy6x0ng2Gqf/XLEPKU7be0v22
UkT2n3R6fWQNXb/L0vPDSvXqFXvW7zLoHzn7lj0rXfiPN5nlGm2pSuErdYsG
opX2v2Ys3/ozLvr+9xY7PNY1fm/ffzd+/wuC3rPF99+2oUOyoPvw/e8brMND
euUIQ+fw1cnB63N8aL7rOM5jnLlCOZnQqwOD2snxT4iqQYpDl+8TuuyqNFrg
+zDLEoWIx1BQQjMVKsXf4l0Qb4q35pWNP52/hBXQSSLyX+d8HIel6XMYSTnB
n7F2HPolQPnF2tn+zj089AB/jQIeNKUhrdAgkth55pNDMrWcwpQz8RzL0wSa
4zl3OUHQjzyMJdTeI4XiwKOkaPdlnuC7qfP/lP/m6298j///waTe9P+fTveZ
zf+gj4XC5H8Q9B/y/xusx49ao0S0VOyYmG8KqL2RSv8Vao7p48enOI+ZBHQ+
xxj7cAm17wywRkNAjd4Wa9Bky9BPOUE/DnDgpi7rt0xGFhTmHXP1LNOKl4+j
ryV/zp78sB7Ww3pY32L9G/FgKAkAIgAA

--Boundary_(ID_pU6VHaPozY7JPEv+kHnuGQ)--