Comments
really? the average script kiddie knucklehead is about to download that module and actually get anywhere with it?
doubtful.
Point taken. I saw on Wired: Threat Level that HD said the following about his module:
"Moore says the code currently has a limitation:
This exploit can't be used to overwrite an existing cache entry, so attackers will have a hard time spoofing common host names on busy DNS servers. The module added to Metasploit will display the expiration date for any pre-cached entries and automatically wait for that amount of time for completing the attack."
Correct. This might be a bit more technical then what a basic script kiddie could be capable of. Seems that you would just have to wait for the cached entries to expire...?
Has anyone tested this in a lab yet?
Don't get me wrong I'm not saying its not dangerous, its just frustrating that people immediately lump a metasploit module --especially in this case because its only an aux module with script kiddie mass pwnage.
with the number of "why cant i exploit my XP SP2+ box with DCOM" questions I see and take, I dont think we have to be too worried about the lowest common denominator on this one.
When submitting a comment you may not see it until it is approved by the moderator!