Attack has been blocked by CORS policy

Question

Attack has been blocked by CORS policy

Closed this issue 2 years ago · 7 comments

Hi @gdncc and congratulations on the tool you made. I am trying to perform the attack on my home router and I cannot understand why it is giving me this error.

I tried another router on a different line and the attack was successful.

Could you help me understand why it doesn't work on this router? or what caused the error.

Sorry for my English.

Answer 1 · 2021-09-29T02:24:16.000Z

From the screenshot, it looks like the DNS rebinding did not succeed. Did you try to manually verify that the target system is vulnerable to DNS rebinding as explained here https://github.com/nccgroup/singularity/wiki/Testing-for-Vulnerable-Services ?

Answer 2 · 2021-10-07T14:17:55.000Z

Thanks for the answer, you are right, the system is not vulnerable.
I however, found another problem.
I did some tests on a vulnerable system (my router 192.168.1.1), with ubuntu 20.04 LTS and with firefox the dns rebinding is successful (first image) while with chrome it does not work (second image).

With windows 10 it doesn't work neither on firefox nor on chrome.
I have tried other vulnerable systems like a simple web server in localhost but the result is the same. Dns rebinding attack only works with ubuntu + firefox.
I don't understand why this behavior, the attacked system is the same!

Answer 3 · 2021-10-12T01:06:29.000Z

Thank you for the update. We believe this is the cause of a recent new feature in the Chrome browser described at https://developer.chrome.com/blog/private-network-access-update/. For now it looks like rebinding to a private IP address in Chrome does no longer work. We may explore this in the future.

Answer 4 · 2021-10-17T14:50:16.000Z

Thank you very much for the answers and congratulations on the tool again.

Answer 5 · 2021-11-24T01:19:42.000Z

Thank you for the update. We believe this is the cause of a recent new feature in the Chrome browser described at https://developer.chrome.com/blog/private-network-access-update/. For now it looks like rebinding to a private IP address in Chrome does no longer work. We may explore this in the future.

@sanktjodel i think you may want to take a look on these two then
#36
#35

also adding an option for auto grabbing the public IP for using in the manager in case of chrome detected would be useful , till you happen to figure a fix.

Thanks ;)

Answer 6 · 2023-01-18T08:46:15.000Z

Thanks , we await updates on the possible resolution, currently only Chrome is blocking it but in some cases it works

Answer 7 · 2023-05-03T22:57:23.000Z

We have documented this issue in our new blog post at https://research.nccgroup.com/2023/04/27/state-of-dns-rebinding-in-2023/ explaining Local Network Access, a new draft W3C specification, implemented in Chrome. The blog post includes two ways to bypass these restrictions with restricted scope.

We have also documented the error here: https://github.com/nccgroup/singularity/wiki/Common-Issues

Thanks for bringing up the matter. Closing this issue.