Sign in
Log inSign up
Voorivex

33 likes

·

2.6K reads

3 comments

Navid Mirzaaghazadeh
Navid Mirzaaghazadeh
Sep 17, 2024

<3

·
VC0D3R
VC0D3R
Sep 17, 2024

nice writeup , thanks for sharing

I have a question : so if the next_check() checks (verify) the cname record every time (when function called) and if it matches "hashnode.network" it will prevent this attack ?

and the cause of this vulnerability is because hashnode only verifies the cname record once , only when it is adding to the db, , am I correct?🤔

·
·1 reply
Voorivex
Voorivex
Author
·Sep 17, 2024

First question: yes, but the checker function should not rely on the DNS cache. If it does, the attack will still exist

Second question: not just once. Hashnode checked the DNS record at regular intervals (every 10 minutes) which was prone to DNS Rebinding attack

2
·