GitBook: [#3153] No subject
parent 5af75c290a
commit 5a4f9d6a67
Binary file not shown.
Before Width: | Height: | Size: 8.4 KiB After Width: | Height: | Size: 17 KiB |
|
@ -331,12 +331,19 @@ Check out also the **publicly running server in** [**http://rebind.it/singularit
|
|||
|
||||
As it was explained in the previous section, **browsers** have the IPs of domains **cached more time** than the one specified in the TTL. However, there is a way to bypass this defence.
|
||||
|
||||
You can **create 2 A records** for the **same subdomain** in the **DNS provider** and when a browser checks for them he will get both.
|
||||
You can **create 2 A records** (or **1 with 2 IPs**, depending on the provider) for the **same subdomain** in the **DNS provider** and when a browser checks for them he will get both.
|
||||
|
||||
Now, if the **browser** decides to **use** the **attacker IP address first**, the **attacker** will be able to **serve** the **payload** that will **perform HTTP requests** to the same **domain**. However, now that the attacker knows the IP of the victim, **he will stop answering the victim browser**.
|
||||
|
||||
When the browser finds that the **domain isn't responding** to him, it will **use the second given IP**, so he will **access a different place bypassing SOP**. The attacker can abuse that to **get the information and exfiltrate it**.
|
||||
|
||||
{% hint style="warning" %}
|
||||
Note that in order to access localhost you should try to rebind 127.0.0.1 in Windows and 0.0.0.0 in linux.\
|
||||
Providers such as godaddy or cloudflare didn't allow me to use the ip 0.0.0.0, but AWS route53 allowed me to create one A record with 2 IPs being one of them "0.0.0.0"
|
||||
|
||||
![](<../.gitbook/assets/image (638).png>)
|
||||
{% endhint %}
|
||||
|
||||
![](<../.gitbook/assets/image (620).png>)
|
||||
|
||||
For more info you can check [https://unit42.paloaltonetworks.com/dns-rebinding/](https://unit42.paloaltonetworks.com/dns-rebinding/)
|
||||
|
|
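Review bot: The added hint line "Note that in order to access localhost you should try to rebind 127.0.0.1 in Windows and 0.0.0.0 in linux." gives the per-OS rule without saying why the address differs, so a reader cannot judge when it applies; a short explanatory clause would fix that. In the same hint block, "linux", "godaddy", "cloudflare", "route53" and "ip" are lowercase while Windows and AWS are capitalised, the second sentence ends without a period after "0.0.0.0", and the new image "image (638).png" has empty alt text, so nothing says what the screenshot shows (presumably the Route53 record mentioned just above it). On the reworded line, "(or 1 with 2 IPs, depending on the provider)" is a useful addition, but it would read better if the hint named which providers behave which way next to it rather than only further down. The commit subject "No subject" also gives no indication of what changed; a one-line summary such as the section touched would help anyone reading the history.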