Abstract:
The possibility of DNS Rebindng attack realization in modern browsers is researched. This attack is directed at bypassing Same Origin Policy. The conditions for successful attack realization when the target host is located in a local network are studied. A list of the most vulnerable browsers is produced. The attack is implemented in the BeEF (Browser Exploitation Framework) being a tool for penetration testing. Some advices for protection against this attack are given.
Keywords:HTTP, pentesting, Web application security.
Fulltext:
PDF file (450 kB)