Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Dynamic DNS "Spoofing" & IRC
From: Niels Bakker <niels=bugtraq () bakker net>
Date: Fri, 2 May 2003 17:18:52 +0200

* 0x90 () invisiblenet net (Intel Nop) [Fri 02 May 2003, 17:10 CEST]:
This is a trivial "feature/flaw" I've been holding onto for a bit, and it's
probably commonly known, but I haven't seen it posted anywhere, more of a
neat little thing in taking advantage of IRC and it's treatment of dyndns
within DNS if reverse lookup is possible.
By this time, your dyndns should have updated and changed your ip address to, and irc servers don't re-check after you've connected (so anyone
resolving your hostname will come up with

You can retrieve the IP address of any user on irc via the STATS L
command (the uppercase L is important).

For privacy reasons some networks (most notably Undernet but also
Freenode) have disabled this command for users that do not have IRC
Operator status.

        -- Niels.

Note: some countries impose serious penalties for a conspiracy to overthrow
      the political system. THIS DOES NOT FIX THE VULNERABILITY.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]