Full Disclosure mailing list archives

Re: TrueCrypt?


From: "Dave Warren" <davew () hireahit com>
Date: Sat, 07 Jun 2014 09:58:04 -0700

Given that everything in that zone is public anyway, what's the problem?

I agree that locking down zone transfers is best practice, and allowing open transfers is odd, but this one looks
simple enough and straightforward enough that I have trouble getting too excited about public information being public.


On Jun 6, 2014, at 17:49, "surivaton surivaton" <surivaton () gmail com> wrote:

TrueCrypt is either stupid or it's their way of telling everyone
something is wrong.
Why?
root@kali:~# fierce -dns truecrypt.org
DNS Servers for truecrypt.org:
   ns1.truecrypt.org
   ns2.truecrypt.org

Trying zone transfer first...
   Testing ns1.truecrypt.org

Whoah, it worked - misconfigured DNS server found:
truecrypt.org.    259200    IN    SOA    ns1.truecrypt.org.
dns-admin.truecrypt.org. (
                   2010021509    ; Serial
                   10800    ; Refresh
                   3600    ; Retry
                   604800    ; Expire
                   10800 )    ; Minimum TTL
truecrypt.org.    259200    IN    NS    ns1.truecrypt.org.
truecrypt.org.    259200    IN    NS    ns2.truecrypt.org.
truecrypt.org.    259200    IN    A    72.233.34.82
truecrypt.org.    259200    IN    MX    10 truecrypt.org.
truecrypt.org.    259200    IN    TXT    "v=spf1 ip4:72.233.34.82
mx:truecrypt.org -all"
forums.truecrypt.org.    259200    IN    A    72.233.34.83
ns1.truecrypt.org.    259200    IN    A    72.233.34.82
ns2.truecrypt.org.    259200    IN    A    72.233.34.84
upload.truecrypt.org.    259200    IN    A    72.233.34.84
www.truecrypt.org.    259200    IN    A    72.233.34.82

There isn't much point continuing, you have everything.
Have a nice day.
Exiting...
root@kali:~#
Who in their right mind lets you do zone transfers?
I mean seriously, back in Windows Server 2003 it was common, but god
damn I think they are trying to tell us something.


_______________________________________________
Sent through the Full Disclosure mailing list
http://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/
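
An added example, not part of either message in this thread: a standard-library Python check an administrator can run against their own authoritative servers to confirm that zone transfers are refused, the lock-down the reply above calls best practice. The server and zone names are placeholders, and the reply headers in the demo are constructed.

```python
import socket
import struct

RCODES = {0: "NOERROR", 2: "SERVFAIL", 5: "REFUSED", 9: "NOTAUTH"}

def build_axfr_query(zone, txid=0x4158):
    """TCP-framed DNS query for QTYPE=AXFR (252), QCLASS=IN."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # standard query, one question
    labels = zone.rstrip(".").split(".")
    qname = b"".join(bytes([len(l)]) + l.encode("ascii") for l in labels) + b"\x00"
    msg = header + qname + struct.pack("!HH", 252, 1)
    return struct.pack("!H", len(msg)) + msg  # DNS over TCP: 2-byte length prefix

def classify_response(msg):
    """Classify the first DNS message of the reply (length prefix already removed)."""
    if len(msg) < 12:
        return "malformed reply"
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    rcode = flags & 0x000F
    if rcode == 0 and ancount > 0:
        return "OPEN: transfer served (%d records in first message)" % ancount
    return "restricted (%s)" % RCODES.get(rcode, "rcode %d" % rcode)

def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            break
        buf += chunk
    return buf

def check_axfr(server, zone, timeout=5.0):
    """Request an AXFR of `zone` from `server`; many servers just close the socket."""
    try:
        with socket.create_connection((server, 53), timeout=timeout) as s:
            s.sendall(build_axfr_query(zone))
            prefix = _recv_exact(s, 2)
            if len(prefix) < 2:
                return "restricted (connection closed without a reply)"
            return classify_response(_recv_exact(s, struct.unpack("!H", prefix)[0]))
    except OSError as exc:
        return "no answer (%s)" % exc

if __name__ == "__main__":
    # Constructed reply headers, not captured traffic: a REFUSED answer, then a served transfer.
    print(classify_response(struct.pack("!HHHHHH", 0x4158, 0x8005, 1, 0, 0, 0)))
    print(classify_response(struct.pack("!HHHHHH", 0x4158, 0x8400, 1, 2, 0, 0)))
    # Audit usage (placeholder names): check_axfr("ns1.example.com", "example.com")
```

Run the check from a host outside the address ranges your secondaries use, since a transfer ACL that permits those ranges will also serve the transfer to the audit host.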

