DNS rebinding attacks have been known for quite a long time. For example, Stanford Web Security Research Team posted a whitepaper about DNS rebinding attacks in 2007. But even if it’s a well-known type of attacks, nowadays you still can find software systems which are vulnerable to DNS rebinding attacks. For example, Google Project Zero recently discovered such problems in Blizzard Update Agent and BitTorent Transmission Daemon.
Tag Archives: DNS
DNS tunneling with Java
DNS tunneling may help you to bypass a firewall if DNS requests are allowed. Or, it can just get you a free Wi-Fi. There are a number standalone tools which allow you to setup a TCP-over-DNS tunnel. Here is a simple implementation of DNS tunneling with pure Java. It’s not ready for using in real world, but it shows an idea how DNS tunneling can be implemented. The implementation works with standard JRE, and doesn’t require any additional library.
(русская версия – Java и свет в конце DNS туннеля)