Comments on: [not] Protecting web sites and services from DNS rebinding attacks

By: top10webhosting

top10webhosting — Mon, 03 Sep 2007 14:30:57 +0000

Hmm.. I am getting the following error.

Please wait for 15 seconds.
f1()
ERROR: Access is denied.
ERROR: http://1188829961575.jumperz.net/exploits/dnsp3.jsp?address=127.0.0.1
ERROR: 50

What does it mean ?

By: Dmitry

Dmitry — Fri, 03 Aug 2007 19:04:33 +0000

This component lets you protect Java web applications from
DNS rebinding: http://www.servletsuite.com/servlets/hostflt.htm

By: Dan Weber

Dan Weber — Thu, 02 Aug 2007 18:40:16 +0000

This works because jumperz.com’s bind is sending back incorrect DNS responses, yes?

By: Christian Matthies

Christian Matthies — Thu, 02 Aug 2007 18:14:52 +0000

Well, keep in mind that the host header can be spoofed with Anti Anti Anti DNS Pinning also. Check out http://christ1an.blogspot.com/2007/07/dns-pinning-explained.html, an article I wrote on this matter a few weeks ago.

By: david

david — Thu, 02 Aug 2007 00:25:53 +0000

stand: I think that the port-80 limit is just a feature of the jumperz.net demo, though you would probably have to stay on the same port as the original web page. I’ll have to look at the exploit in more detail.

By: University Update - Firefox - Protecting web sites and services from DNS rebinding attacks

Thu, 02 Aug 2007 00:23:40 +0000

[…] Contact the Webmaster Link to Article firefox Protecting web sites and services from DNS rebinding attacks » Posted at […]

By: stand

stand — Wed, 01 Aug 2007 23:14:30 +0000

David, it’s not immediately apparent to me whether this exploit will relay services that are not hosted on port 80. I don’t see why is shouldn’t, but the jumperz.net page you link to doesn’t work with non-80 ports.

By: » Protecting web sites and services from DNS rebinding attacks

» Protecting web sites and services from DNS rebinding attacks — Wed, 01 Aug 2007 21:51:40 +0000

[…] Original post by david […]