Saturday, December 5, 2009

Filled Under: , ,

RSnake On DNS Rebinding [Video]

DNS Rebinding is a really good technique through which an Normal Internet user would be tricked easily. Robert Hansen aka RSnake is a security expert and you won't believe but i am big fan of him. Because If you know that much in hacking stuff RSnake Know alot then you. He is great you can also visit his blog here ha.ckers.org

 rsnake

Now lets talk about some DNS Rebinding in basics and we will also see totally cool RSnake’s video on this. He explains every tiny bit of the exploit. Well i want to tell you guys that i am not to good in this whole matter of DNS Rebinding, Because i am still learning and i would not be able to help you guys with this matter that much but still.

So lets start -

 

How DNS Rebinding Works

 

The attacker registers a domain which is delegated to a DNS server he controls. The server is configured to respond with a very short TTL parameter, which prevents the response from being cached….

 

The first response contains the IP address of the server hosting the malicious code. Subsequent responses contain spoofed private network IP addresses (RFC1918), presumably behind a firewall, being target of the attacker.

 

Because both are fully valid DNS responses, they authorize the sandboxed script to access hosts inside the private network. By returning multiple short-lived IP addresses, the DNS server enables the script to scan the local network or perform other malicious activities.

 

Video

 

DNS Rebinding with Robert RSnake Hansen from Robert Hansen on Vimeo.

 

Conclusion

Ok that was really great video by RSnake . Well i don't if he will see this webpage or have he ever been to my blog. That would be so great. But till then you can rely on me.

 how_it_works_2

 

Well Here is a image for explaining a bit more to you about the DNS rebinding.

 

Happy Hacking @hackerthedude

blog comments powered by Disqus