Bugtraq mailing list archives

By Date

By Thread

Re: Administrivia: Real domain names in PoC/exploit examples

On Fri, May 28, 2010 at 08:38:57AM -0700, Nate Eldredge wrote:

On Fri, 28 May 2010, dm () securityfocus com wrote:

And this is the sort of thing that would be appropriate:
- www.example.com (this is really the best way to go)

Except that www.example.com, while reserved according to RFC 2606, 
actually resolves to a host with a web server (running, interestingly, 
Apache 2.2.3 from circa 2006), which gives you a page telling you about 
RFC 2606.  It appears to be run by the IANA.  So it might be polite not to 
use this, so as not to attack the IANA by mistake.

Better would be the reserved TLDs from RFC 2606, which AFAIK should never 
resolve at all: *.test, *.example, and *.invalid.  Unfortunately, 
"www.foo.example" is less obviously a host name compared to 
"www.example.com".

- Some other place-holder that is not a valid domain such as <victim>,
etc.

That works too.

-- 

Okay, agreed. Let us not abuse IANA's poor little Apache 2.2.3
server. 

So, to sum up, these guys are good for exploit/PoC examples:

1. Place-holder such as <victim>.
2. Reserved TLDs from RFC 2606 such as *.test, *.example, and
*.invalid.


-- 
Dave McKinney
Symantec

keyID: E461AE4E
key fingerprint = F1FC 9073 09FA F0C7 500D  D7EB E985 FAF3 E461 AE4E

By Date

By Thread

Current thread:

• Administrivia: Real domain names in PoC/exploit examples dm (May 28)
  • Re: Administrivia: Real domain names in PoC/exploit examples Nate Eldredge (May 28)
    • Re: Administrivia: Real domain names in PoC/exploit examples dm (May 28)