2020-11-11 21:27:34 +00:00
|
|
|
id: spoofable-spf-records-ptr
|
|
|
|
|
|
|
|
|
|
info:
|
|
|
|
|
name: Find spoofable SPF records containing the PTR mechanism
|
|
|
|
|
author: binaryfigments
|
|
|
|
|
severity: info
|
|
|
|
|
description: Check if TXT records in DNS for SPF records that have the PTR mechanism that is spoofable.
|
2021-02-12 06:19:06 +00:00
|
|
|
tags: dns,spf
|
2020-11-11 21:27:34 +00:00
|
|
|
|
|
|
|
|
dns:
|
|
|
|
|
- name: "{{FQDN}}"
|
|
|
|
|
type: TXT
|
|
|
|
|
class: inet
|
|
|
|
|
recursion: true
|
|
|
|
|
retries: 3
|
|
|
|
|
matchers:
|
|
|
|
|
- type: word
|
|
|
|
|
words:
|
|
|
|
|
- "v=spf1"
|
|
|
|
|
- " ptr "
|
|
|
|
|
condition: and
|
