DNS rebinding
#317
Replies: 1 comment
-
|
Implemented in #29 |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
As Interactsh is about OOB interaction supporting DNS it would be nice to have a DNS rebinding by the same occasion.
This mean having a way to get resolvable resource records with any given contents for assisting in detection and exploitation of SSRF-related vulnerabilities.
I have fetched a list of DNS rebinding tools but most are hard to setup, featureless and unmaintained. The most interesting project to understand all major features is 1u.ms (source), their website describe well all possibilities.
Right now Interactsh is similar to most HTTP request collector and inspector tools but lacks of DNS rebinding.
What I said for DNS could also be meaningful for HTTP, being able choose the body or headers served by the server.
Beta Was this translation helpful? Give feedback.
All reactions