Fix for undefined method each in Metasploit’s bailiwicked_domain.rb (CVE-2008-1447 DNS cache poisoning module)# 🚀 metasploit-bailiwicked_domain-fix
**Fix for `undefined method each` in Metasploit’s `bailiwicked_domain.rb` (CVE-2008-1447 DNS cache poisoning module)**
---
## 🔎 Problem
While testing **CVE-2008-1447** using Metasploit, the original module crashed with:
```
undefined method `each` for an instance of IPAddr (NoMethodError)
```
This happens because the code calls **`.each` on an `IPAddr` object** instead of an array.
---
## 🛠️ Fix
The fix is to **wrap the IP object in an array before iterating**:
```ruby
[ip].each do |addr|
# original code logic
end
```
✅ This prevents the **NoMethodError** and allows the module to run successfully.
---
## 📌 Usage
1. **Replace** your original `bailiwicked_domain.rb` with the fixed one in this repo.
- Location: `/usr/share/metasploit-framework/modules/auxiliary/spoof/dns/bailiwicked_domain.rb`
2. **Restart** Metasploit.
3. **Load and run** the module as usual.
---
## 📝 Notes
- Tested on Metasploit Framework version: [6.4.69-dev]
- This fix only addresses the IPAddr.each crash — functionality remains the same.
---
## ⚠️ Disclaimer
This module exploits a **known DNS vulnerability (CVE-2008-1447)**.
👉 Use **only in a controlled lab environment** for **research and educational purposes**.
---
✨ If this fix helped you, consider giving the repo a ⭐!
[4.0K] /data/pocs/6489f1425db029037a0fabeb996d9721a1781b22
├── [ 15K] bailiwicked_domain.rb
└── [1.3K] README.md
0 directories, 2 files