Cenzic 232 Patent
Paid Advertising
web application security lab

Sample DNS Rebinding Code

I’ve been toying around a little with DNS rebinding code lately, with some mixed results. Firstly, Java fixed their DNS rebinding issues (although it is my opinion they are still vulnerable, just in a different way - I talked with Dan Kaminsky about this and he agrees. Also CUPS fixed their DNS rebinding issues as well. All good things. However, there’s still tons of exploits left to find in this arena.

Anyway, I went hunting for some good sample DNS rebinding server code, and I couldn’t find anything that was remotely good or easy to work with in a test environment. So I whipped up some sample code quickly for anyone interested in doing their own research. You can download the code here. Of course you’ll need some JavaScript/Java/Flash/etc… code to make the browser call the server twice, and you’ll need something to shut the port down after the initial call is made to force the browser to make the second DNS request, but I thought it was better to leave that part as an experiment for the user, since that code will probably vary a lot depending on the server environment.

5 Responses to “Sample DNS Rebinding Code”

  1. ChosenOne Says:

    why ist always perl? whyyyy? just kidding ;)
    nice work :)

  2. Alexandru Trandafir Catalin Says:

    Hello,

    Thank you for hacking my website at www.rogrup.com, it was my first PHP website so I did not implement any security in forms I guess I’ll have to do it now :)

    I’m thinking about upgrading the site anyway but I can’t say when! Well, hope you people won’t do that again!

    Good bye!

  3. RSnake Says:

    @ChosenOne - because I’m way better at Perl than other languages. It would be a disaster if I tried to do that it php or ruby or something.

    @Alexandru - I’m not sure who hacked your site, but it wasn’t us. Someone included one of our XSS test scripts to indicate that your site was hacked, but it wasn’t us. I hope it wasn’t too difficult to fix.

  4. neodal Says:

    Hello,

    It’s very useful for me.
    Thank you!.

    But, it’s not execute on window perl.

  5. wickett Says:

    RSnake, thanks for putting this out there. This seems like a really cool little experiment to get running. I am going to give it a try to get running.