| Completed |
sniffing on all kinds of configured devices
(Ethernet, PPP, ...) |
| Completed |
capturing and decoding nearly all types of DNS
packets, including packet decompression |
| Completed |
ncurses driven text based frontend with interactive
commandline and multiple windows |
| Completed |
threaded design allow more flexibility when adding
your own features |
| Completed |
clean code, commented and tested just fine, ready for
you to extend :-) |
| Completed |
internal DNS packet filtering allows installation of
pseudo DNS filters you can "select()" on |
| Completed |
a large set of DNS packet construction primitives
|
| Completed |
DNS name server versioning using BIND version requests
|
| Completed |
DNS local spoofing, answering DNS queries on your LAN
before the remote NS |
| Completed |
DNS jizz spoofing, exploiting a weakness within old
BIND versions |
| Completed |
DNS ID spoofing, exploiting a weakness within the DNS
protocol itself |
| Missing |
DNS DoS attacks, probably won't be done by us cause
it's just too lame |
| Missing |
DNS amplification attacks, such as query-multiply or
answer-size attacks |
| Missing |
DNS traceroute, chained DNS route discovery (see TESO
advisory #003) |
| Missing |
DNS exploitation of buffer overflows in some BIND
versions (see t666.c/nxt.tgz) |
| Missing |
DNS compression attacks against numerous sniffing
programs (tcpdump, ethereal, see zlip.c) |
| Missing |
DNS SOA record decoding, I'm too lazy |
| Missing |
DNS mass functions, such as mass resolve (any query type),
mass versioning, etc. |
| Missing |
DNS "collect servers" function, where zodiac tries
passivly and activly to obtain as much nameserver IP addresses
as possible just from watching and reacting to local DNS traffic
|