CVE-2020-8617 PoC — ISC BIND 安全漏洞

Source

https://github.com/knqyf263/CVE-2020-8617

Associated Vulnerability

Title:ISC BIND 安全漏洞 (CVE-2020-8617)
Description:ISC BIND是美国ISC公司的一套实现了DNS协议的开源软件。 ISC BIND中存在安全漏洞。远程攻击者可利用该漏洞导致拒绝服务。以下产品及版本受到影响：BIND 9.0.0版本至9.11.18版本，9.12.0版本至9.12.4-P2版本，9.14.0版本至9.14.11版本，9.16.0版本至9.16.2版本，9.17.0版本至9.17.1版本，9.13版本，9.15版本，BIND Supported Preview Edition from 9.9.3-S1版本至9.11.18-S1版本。

Description

PoC for CVE-2020-8617 (BIND)

Readme

# CVE-2020-8617
PoC for CVE-2020-8617

For educational purposes only

![demo](imgs/CVE-2020-8617.gif)

## Run
This image runs a standard BIND server, which automatically generates a tkey "local-ddns".

```
$ docker run --rm --name cve-2020-8617 -it -p 53:53/udp knqyf263/cve-2020-8617
```

## Exploit

```
$ pipenv install
$ pipenv run python exploit.py
```

## Reference
- https://kb.isc.org/docs/cve-2020-8617

## Author
Teppei Fukuda

File Snapshot


 [4.0K]  /data/pocs/3b3c1a89f413f95753cd29ef44c97772e51fcf6a
├── [4.0K]  contents
│   ├── [ 715]  example.com.signed.zone
│   ├── [ 655]  example.com.zone
│   ├── [  37]  named
│   └── [1.9K]  named.conf
├── [1.8K]  Dockerfile
├── [ 405]  exploit.py
├── [4.0K]  imgs
│   └── [7.1M]  CVE-2020-8617.gif
├── [ 11K]  LICENSE
├── [ 150]  Pipfile
├── [ 678]  Pipfile.lock
└── [ 437]  README.md

2 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!