## https://sploitus.com/exploit?id=A6ACD127-C2B4-54CA-B94B-FA9F58C6DBC8
# CVE-2025-40778 Proof of Concept
Educational demonstration of DNS Cache Poisoning vulnerability via Additional Records injection.
## โ ๏ธ Disclaimer
**FOR EDUCATIONAL PURPOSES ONLY**
This tool is provided for educational and authorized security testing purposes only. Unauthorized use of this tool against systems you do not own or have explicit permission to test is illegal and unethical.
The author assumes no liability for misuse or damage caused by this tool.
## ๐ Description
This PoC demonstrates how a compromised authoritative DNS server can inject poisoned records into DNS responses, potentially redirecting users to malicious servers without their knowledge.
**Attack Vector:**
- Compromised authoritative nameserver injects additional DNS records
- Poisoned records get cached by recursive resolvers
- Users querying legitimate domains get redirected to attacker-controlled IPs
- Enables transparent phishing attacks (correct URL, malicious server)
## ๐ง Requirements
```bash
pip install dnslib