this post was submitted on 01 Dec 2023
3 points (100.0% liked)

Security Operations

570 readers
1 users here now

A place for all things Cyber Security, from questions, rants, and stories, to the latest attacks, vulnerabilities, and zero days.

founded 1 year ago
MODERATORS
L3s
 

We Hacked Ourselves With DNS Rebinding::This post is the first in a two-part series on DNS rebinding in web browsers. In this post, I will talk about a bug we found in our own product which allowed us to retrieve low-privileged AWS credentials using DNS rebinding. In the next post, I will share new techniques to reliably achieve split-second DNS rebinding in Chrome, Edge, and Safari, as well as bypass Chrome's restrictions on requests to private networks.‍

no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here