DNS rebinding failed on Ubuntu 20.04.1 LTS

Question

DNS rebinding failed on Ubuntu 20.04.1 LTS

Closed this issue 3 years ago · 3 comments

OS: Ubuntu 20.04.1 LTS

I used the default version (79.0) of Firefox at first, and then I tried to upgrade Firefox to the latest version (95.0.1), but it failed.

It seems that the local service is directly accessed, and it is a 404 directly.

I tried 127.0.0.1 again and it failed

Answer 1 · 2021-12-29T09:22:55.000Z

This is the dns query result

I tried a lot of this without rebinding successfully

Answer 2 · 2021-12-30T04:50:14.000Z

Hi

I just successfully tried the "First then second" and "Multiple answers" rebinding strategies on Ubuntu 21.10 with Firefox 95.0.2.

Did you verify that the target service is vulnerable to DNS rebinding (https://github.com/nccgroup/singularity/wiki/Testing-for-Vulnerable-Services)?

I suggest to try the default "First then second" rebinding strategy first as it's the most reliable.

Did it work with Firefox 79.0?

If you still have issues, please provide some more information about the target service such as the output of curl -v --header "Host: attacker.com" http://127.0.0.1:8000/ and of curl -v http://127.0.0.1:8000/

Answer 3 · 2021-12-31T06:57:58.000Z

Sorry, I found the reason, it's my network problem