What Is DNS Rebinding and How Can It Affect You?

Jack Casey
Share

Back in March, a programmer by the name of Brannon Dorsey wrote a post in Medium in which he detailed a browser vulnerability known as DNS rebinding. In the post, Dorsey explains how the bug could be used to hack into smart devices in your home. The post reverberated around the web – Wired covered his experimented – and prompted device manufacturers such as Roku and Sonos to start working on patches.

So what is DNS rebinding?

While Dorsey explained how the vulnerability can be used to hack into connected devices (you can read his post here), for the purpose of this article we will be using a different example: how DNS rebinding can be used to hack into your bank account. First, we need to explain what Same-Origin Policy means.

Same-Origin Policy

Under the policy, a web browser only allows scripts loaded from a web page to interact with another page from the same domain. So if xyz.com runs a JavaScript in your browser, it can only interact with web pages under the xyz.com domain.

This sounds reassuring, but there is a problem here. Web browsers use URLs to implement same-origin policy (SOP), but they use IPs to communicate requests. So if a malicious website changes its IP it would have easily bypassed SOP.

Real World Example

Here’s one way hackers could use this vulnerability:

The hacker sets up a website, names it sop.exploit, and loads it with malicious scripts. He then delegates it to a DNS server that he controls. (DNS servers function like an internet phonebook, linking URLs to IPs.)

Next, the hacker needs the victim to visit sop.exploit. This can be done in a variety of ways: an ad banner, unsolicited email, etc. Once a victim clicks on the malicious link, the browser will send a DNS request for the IP address of sop.exploit. The malicious DNS responds with the real IP at first.

While configuring the DNS server, the hacker sets a short TTL, or time to live, a mechanism that limits the lifespan of data on a computer or network.

Since the TTL is short, the browser will eventually make a second DNS request, but this time, the malicious DNS server will respond with a different IP address, that of your online banking service.

Based on the new IP, the victim’s machine will start to point HTTP requests (including ones from the malicious scripts) to intended for sop.exploit to the banking website unknowingly.

In short, DNS rebinding turns your web browser into a proxy to communicate directly with other online services.

Hide your IP

The internet as we know it wouldn’t be possible without IP addresses, but as we’ve seen here, and in many other occurrences that take place every day, they can be used to hone in on a particular device or person and initiate attacks that threaten their privacy and security. Thankfully, VPNs, or virtual private networks, offer an easy and affordable solution to hiding it. A VPN runs a network of remote servers that it uses to reroute your data, endowing your traffic with the server’s IP address instead of yours.

There are many VPN services out there, but our favorite is BulletVPN, as it employs state of the art protocols and encryption. What’s more, VPNs offer users plenty of other perks, including accessing geo-restricted content, protection from online snooping and bandwidth throttling.

Still undecided? You don’t have to make up your mind now. BulletVPN offers a 30-day money back guarantee trial period.

Also, be sure to check out the rest of our favorite VPNs seen below. All of those services were tested and reviewed by our own staff.

Last Updated Today  
Editor's Choice Provider
Editor's Choice
RatingStatsVisit

1
Price
85
Security
85
Features
90
Speed
95
Support
90
Visit Now

2
Price
85
Security
90
Features
95
Speed
90
Support
90
Visit Now

3
Price
85
Security
95
Features
95
Speed
95
Support
90
Visit Now

4
Price
95
Security
85
Features
85
Speed
90
Support
85
Visit Now

5
Price
80
Security
85
Features
90
Speed
70
Support
85
Visit Now
Tags:
Jack Casey
Jack Casey

Jack is the Editor in Chief of VPN Review. Having previously headed development teams at multiple IT security firms and VPN providers, Jack's knowledge covers a broad range of subjects, including internet security, cyber threats, and user interface design. His new found passion is digital journalism.

    1

Leave a Reply