DNS as an attack vector

Here's a weird idea: stuffing Javascript into DNS to attack browsers. (via Hacker News)



  1. So basically the issue is that if you fire up a web service that do DNS lookups for you (i’ll stick to nslookup or dig, thanks), said service may not bother to sanity check the response before mixing it with the result display template. I do wonder how much DNSSEC affects this.

    1. It’s whether the same exploit can be used in REVERSE DNS lookups that has the discovered concerned, as that would open practically any web server to badness. I think his secondary concern of SQL injections is interesting but less likely to cause any real mischief.

      1. How would it affect a web server? As far as I can tell, the worst that can happen is that you’d have a JavaScript scriptlet in your logs; if your log viewer doesn’t sanitize its inputs, yeah. But how would it open “practically any web server to badness”?

    1. That’s like complaining about C. Or web browsers. Or Java applets. Or Flash. Or your computer, for that matter.

      They’re all just a bunch of tools.

Comments are closed.