dnsFookup: DNS rebinding toolkit
DNS Rebinding framework containing:
- a dns server obviously
- web api to create new subdomains and control the dns server, view logs, stuff like that
- shitty react app to make it even comfier
DNS rebinding is a form of computer attack. In this attack, a malicious web page causes visitors to run a client-side script that attacks machines elsewhere on the network. In theory, the same-origin policy prevents this from happening: client-side scripts are only allowed to access content on the same host that served the script. Comparing domain names is an essential part of enforcing this policy, so DNS rebinding circumvents this protection by abusing the Domain Name System (DNS).
This attack can be used to breach a private network by causing the victim’s web browser to access computers at private IP addresses and return the results to the attacker. It can also be employed to use the victim machine for spamming, distributed denial-of-service attacks, or other malicious activities.
What does it do?
You can specify what ips should it resolve to and how many times, for now, it only supports A records 🙁