The Art of DNS Rebinding

  • Date 06 Jun 2019

The Art of DNS Rebinding

06 Jun 2019, 10:30 - 11:15

Geek Street

So much of the information security world is reactionary… it took years for credential relaying to see any sort of solution and it still isn’t completely fixed. There are web servers and services that allow plain text HTTP communication and the state of email encryption is just laughable. Forget, “If it ain’t broke, don’t fix it”, vendors prefer, “If it is broke, ignore it.” DNS rebinding is not something that we can continue to ignore, it needs to be addressed today, which is why this session will introduce my latest tool, Dolos.

Learning Outcomes:

  1. Use DNS rebinding to circumvent the browser same-origin policy to bypass perimeter firewalls
  2. Mitigate DNS rebinding at the application level (e.g. via HTTP request validation)
  3. Mitigate DNS rebinding at the network level (e.g. through DNS response filtering)
  4. Install and configure the Dolos framework on their own system
  5. Develop and execute attacks through the Dolos framework



  • Craig Young


    Principal Security Researcher

    Tripwire VERT

    Craig Young is Principal Security Researcher for Tripwire\'s Vulnerability and Exposures Research Team (VERT). Over the years, Craig has disclosed...


We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.