Security company NCC Group has released Singularity, an open source penetration testing tool that lets security researchers test for DNS rebinding attacks. A DNS rebinding attack allows a website to create a fake DNS name and force visitors to run a client-side script that attacks other hosts on the network.
How can DNS Rebinding be used?
This technique can be used to target a vulnerable machine and exploit vulnerabilities in an application running on the localhost interface, exposing local services. The attacker only needs to coerce the victim into browsing to a malicious page.
“During recent security assessments, we’ve seen applications working on the localhost interface or exposing services on an inside network without authentication. This includes Electron-based purposes or applications exposing Chrome Developer Tools and other various debuggers,” states NCC Group Senior Security Consultant Roger Meyer.
What are the advantages of this tool?
How does this tool rebind DNS?
The tool uses a custom DNS server to rebind the DNS name and IP address of the attacker’s server, which helps the attacker serve content to the victim.
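The following Python is an added example, not code from Singularity or NCC Group: it scans resolver answer logs for the trace a rebind leaves behind, a name that answers with an external address and then with a loopback or private one shortly afterwards. The log format, hostnames, addresses and the 60-second window are assumptions constructed for illustration.

```python
import ipaddress

# Constructed resolver log, one answer per line: "epoch_seconds qname answer_ip".
# Format, names and addresses are made up for this example (assumed time-ordered).
SAMPLE_LOG = """\
1000 www.example.org 192.0.2.80
1001 s-1.rebind.example.net 203.0.113.10
1004 s-1.rebind.example.net 127.0.0.1
1010 intranet.corp.example 10.1.2.3
1011 cdn.example.com 198.51.100.7
1500 cdn.example.com 198.51.100.8
2000 vpn.example.com 192.0.2.5
9000 vpn.example.com 10.8.0.1
"""

# Loopback, RFC 1918, link-local, 0.0.0.0/8 and IPv6 equivalents, listed explicitly.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "0.0.0.0/8", "::1/128", "fc00::/7", "fe80::/10")]


def is_internal(ip):
    """True if ip is loopback, private or link-local (raises ValueError if malformed)."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def find_rebinds(log_text, window=60):
    """Return (qname, external_ip, internal_ip, seconds_apart) for each name that
    answered with an external address and then an internal one within `window` seconds."""
    last_external = {}  # qname -> (timestamp, ip) of its most recent external answer
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip blank or malformed lines
        try:
            ts, internal = int(fields[0]), is_internal(fields[2])
        except ValueError:
            continue  # non-numeric timestamp or invalid address
        qname = fields[1].lower().rstrip(".")  # normalise case and trailing dot
        if not internal:
            last_external[qname] = (ts, fields[2])
        elif qname in last_external:
            ext_ts, ext_ip = last_external[qname]
            if 0 <= ts - ext_ts <= window:
                hits.append((qname, ext_ip, fields[2], ts - ext_ts))
    return hits


if __name__ == "__main__":
    for hit in find_rebinds(SAMPLE_LOG):
        print("possible rebind: %s %s -> %s after %ds" % hit)
```

Names that legitimately resolve differently inside and outside the network (split-horizon DNS) can also match, so hits are leads to review rather than confirmed attacks.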