DNS TXT XSS vulnerability affects many websites

  • 4
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    4
    Shares

A number of websites across the internet are doing the text shake after online comedians began exploiting an XSS vulnerability flaw that makes pages dance and speakers blare. here is an example of one of the affected pages:

The flaws exist in the DNS text record – not the protocol – due to a lack of sanitation, and allowed internet scamps to turn boring websites like Who.is into a text-wobbling, screen-flashing party.

A registrant of the domain noticed the flaw and dropped < script > and < iframe > tags into TXT records, which were loaded by Who.is and MxToolbox.

The record type could store arbitrary text linked to a domain that would be improperly executed allowing hackers to pull of XSS attacks.

“The DNS protocol is not vulnerable in this instance – the attack is the result of a vulnerability in the web application and how it parses the results from the DNS query,” NCC Group Asia Pacific managing director Wade Alcorn said.

“A web application firewall would not have prevented this attack. This scenario emphasises the need for secure coding practices and that all inputs to an application should defend against attackers.”

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]