Niels Hofmans hazcod

BIND 9 Cache Poisoning via Unsolicited Answer Records (CVE-2025-40778)

Overview

A vulnerable BIND 9 resolver (version 9.18.39) accepts and caches resource records that were not requested in the original DNS query. An off-path attacker who can race or spoof responses may inject forged address data into the resolver cache. Once poisoned, subsequent clients are redirected to attacker-controlled infrastructure without triggering fresh lookups. The issue is tracked as CVE-2025-40778 and carries a published CVSS v3.1 score of 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

Affected Software

Product: BIND 9 recursive resolver
Version tested: 9.18.39 (affected)
Known affected ranges:
9.11.0 – 9.16.50

Risk Assessment of GitHub Copilot

0xabad1dea, July 2021

this is a rough draft and may be updated with more examples

GitHub was kind enough to grant me swift access to the Copilot test phase despite me @'ing them several hundred times about ICE. I would like to examine it not in terms of productivity, but security. How risky is it to allow an AI to write some or all of your code?

Ultimately, a human being must take responsibility for every line of code that is committed. AI should not be used for "responsibility washing." However, Copilot is a tool, and workers need their tools to be reliable. A carpenter doesn't have to

Create template actions that's used to verify Go language pull requests before merging. It's easy to custom the flow, tools with your case.

Put pr_checker.yml or pr_checker_simple.yml to .github/workflows/ and see how it works with your pull requests. Make sure you are allows to use actions of Github.

pr_checker.yml is using by mine with full checking tools. It will make sure every Go langauge pull requests will be buildable, testable, passed security checking and error-able code checking.
pr_checker_simple.yml is more simpler with buildable, testable.

References:

Red Hat Security: Securing Containers & OpenShift (DO425)

Last update: Tue Jan 14 23:15:49 UTC 2020 by @luckylittle

Objectives

Understand, identify, and work with containerization features
Deploy a preconfigured application and identify crucial features such as namespaces, SELinux labels, and cgroups

	console.log("[*] SSL Pinning Bypasses");
	console.log(`[*] Your frida version: ${Frida.version}`);
	console.log(`[*] Your script runtime: ${Script.runtime}`);

	/**
	* by incogbyte
	* Common functions
	* thx apkunpacker, NVISOsecurity, TheDauntless
	* Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
	* !!! THIS SCRIPT IS NOT A SILVER BULLET !!


	name = "assetfinder"
	type = "ext"

	function vertical(ctx, domain)
	print("in asset finder")
	local cmd = outputdir(ctx) .. "assetfinder --subs-only " .. domain

	local data = assert(io.popen(cmd))
	for line in data:lines() do

	# Generated by iptables-save v1.4.21 on Sun Jan 19 08:14:54 2020
	*raw
	:PREROUTING ACCEPT [17478:786616]
	:OUTPUT ACCEPT [15285:6842393]
	COMMIT
	# Completed on Sun Jan 19 08:14:54 2020
	# Generated by iptables-save v1.4.21 on Sun Jan 19 08:14:54 2020
	*nat
	:PREROUTING ACCEPT [412:43501]
	:INPUT ACCEPT [54:3686]

	#!/bin/bash

	# Copyright © 2017 Google Inc.
	# Licensed under the Apache License, Version 2.0 (the "License");
	# you may not use this file except in compliance with the License.
	# You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing, software

	#!/usr/bin/env bash
	set -euo pipefail
	shopt -s inherit_errexit 2>/dev/null \|\| true

	# this script will connect macOS to Cloudflare Warp using Wireguard
	# note: this is absolutely not an official client from Cloudflare

	# Copyright (C) 2019 Jay Freeman (saurik)

	# Zero Clause BSD license {{{