Cybersecurity firm NCC Group has released an open source tool for penetration testers that allows carrying out DNS rebinding attacks.
Security firm NCC Group has released an open source tool for penetration testing dubbed Singularity of Origin that allows carrying out DNS rebinding attacks.
Singularity also aims to raise awareness on how DNS rebinding attacks work and how to protect from them.
A DNS rebinding attack allows any website to create a DNS name that they are authorized to communicate with, and then make it resolve to localhost.
This attack technique could be exploited to target a vulnerable machine and exploit vulnerabilities in applications running on the localhost interface or exposing local services.
The attacker only needs to trick victims into visiting a malicious page or view a malicious ad to launch the attack.
“During recent security assessments, we’ve seen applications running on the localhost interface or exposing services on an internal network without authentication. This includes Electron-based applications or applications exposing Chrome Developer Tools and other various debuggers,” states NCC Group Senior Security Consultant Roger Meyer.
“Exploiting such services is typically straight forward, but it takes a substantial effort to implement an attack in the context of a security assessment. There are tools available to exploit DNS rebinding vulnerabilities but they pose a number of challenges including the lack of support or documentation. They sometimes do not even work, are very specific and/or do not provide a full exploitation stack, requiring much effort to assemble and integrate all the missing bits and pieces.”
Differently from publicly available tools for DNS rebinding attacks, the Singularity tool provides a full exploitation stack.
The Singularity tool includes several attack payloads that allow pen testers to carry out various activities, such as grabbing an app’s homepage and remotely executing code.
The payload could be modified to implements new attacks.
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer.
Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US.
Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines.
Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.