Dolos DNS Rebiner: What You Need to Know

by Craig Young on May 30, 2019

Although DNS rebinding attacks have been known for over a decade now, they are only recently receiving attention as a practical attack surface.

In the last year, quite a few popular products have been shown to lack DNS rebinding protections, and as a result, someone could operate them remotely using a malicious website. Manufacturers have made a habit of giving consumers connected devices that are controlled by unauthenticated HTTP requests over the local network.

This mentality, that the private LAN is trusted, is undermined by the impact of DNS rebinding. It also turns out that vulnerabilities within HTTP-based applications can be unexpectedly exploited across network boundaries. For example, the recent ES File Explorer 'Open Port Vuln' was generally reported as only being exploitable by an attacker on the same WiFi network as the victim. This was in fact an understatement of the risk, since the vulnerable HTTP server cannot differentiate between legitimate requests and requests relayed through a victim's browser via DNS rebinding.
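The server-side check that restores that distinction is Host header validation: after a rebind the browser still sends the attacker's domain in `Host:`, because the page's origin never changed, only the address behind it. The following is an added example (not Dolos or Tripwire code) of a LAN device rejecting such requests; the hostnames, addresses and port are constructed sample values.

```python
import ipaddress

# Names and addresses this device legitimately answers on. Constructed sample
# values for this example, not the Dolos project's own code.
ALLOWED_HOSTNAMES = {"localhost", "mydevice.local"}
LISTEN_ADDRESSES = {ipaddress.ip_address("127.0.0.1"),
                    ipaddress.ip_address("192.168.1.20")}
LISTEN_PORT = 8080


def _split_host_port(value: str):
    """Split 'host', 'host:port', '[v6]' or '[v6]:port' into (host, port)."""
    value = value.strip()
    if value.startswith("["):                      # bracketed IPv6 literal
        end = value.find("]")
        if end < 0:
            return None, None
        host, rest = value[1:end], value[end + 1:]
    elif value.count(":") == 1:
        host, rest = value.split(":")
        rest = ":" + rest
    else:
        host, rest = value, ""
    if rest == "":
        return host, None
    if rest[:1] != ":" or not rest[1:].isdigit():
        return None, None
    return host, int(rest[1:])


def host_header_is_trusted(value: str) -> bool:
    """Accept the Host header only if it names this device (name or IP)."""
    host, port = _split_host_port(value)
    if host is None or (port is not None and port != LISTEN_PORT):
        return False
    try:
        return ipaddress.ip_address(host) in LISTEN_ADDRESSES
    except ValueError:                              # not an IP: check the name
        return host.lower().rstrip(".") in ALLOWED_HOSTNAMES


def should_serve(raw_request: bytes) -> bool:
    """Parse a raw HTTP/1.1 request head; serve only with exactly one trusted Host."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = [line.split(":", 1)[1] for line in head.split("\r\n")[1:]
             if line.lower().startswith("host:")]
    return len(hosts) == 1 and host_header_is_trusted(hosts[0])


# Constructed sample traffic: a request typed by a user on the LAN, and a relayed
# one where the browser still believes it is talking to the attacker's domain.
LEGIT = b"GET /status HTTP/1.1\r\nHost: 192.168.1.20:8080\r\n\r\n"
REBOUND = b"GET /status HTTP/1.1\r\nHost: evil.example\r\n\r\n"
```

Both requests arrive from the same LAN address, so a source-IP check alone cannot tell them apart; only the Host value does.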

Last year, I created an integrated DNS/HTTP server designed to facilitate DNS rebinding attacks which can be created on the fly with a simple UI. This software, called Dolos, has been used in Black Hat USA and SecTor training classes. Now, in coordination with my upcoming talk at Infosec EU, I have released the source code on GitHub!

Dolos simplifies the process of creating an exploit by empowering users with two modes of network discovery as well as automated target discovery and payload delivery.

In most cases, the Dolos operator will only need to supply a port number for the targeted HTTP server, a path which exists on that server and finally a JavaScript snippet intended to execute after the rebinding is complete. Dolos then generates HTML payloads which are saved as attack profiles. Once a victim browser on the targeted network opens (Read more...)

*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Craig Young. Read the original post at: https://www.tripwire.com/state-of-security/vert/dolos-dns-rebiner/

May 30, 2019 | May 31, 2019 | Craig Young | Tags: dns, Dolos, VERT