Half a billion IoT devices inside of businesses can be hacked through decade-old DNS rebinding attacks

Originally published at: https://boingboing.net/2018/07/24/decade-old-vulns.html


I’m rebinding right now!

1 Like

can’t well programmed and firewalled routers help solve this problem?

of course the average consumer doesn’t even re-configure their router from the default settings…

oh wait, I see now, it’s simply using the browser to access local ip addresses on the network (but isn’t that cross-site scripting? should be impossible)

The command that the browser sends can control the IoT device, compromise the device, or extract information such as unique identifiers and Wi-Fi access point SSIDs. Since all of this traffic is between the browser on the end-user’s laptop or desktop and the IoT device, the firewall never sees this traffic and thus, it can’t block any of it.

but I disagree with that assessment - the local IP scan could be detected by the local router

Cross site scripting is something else - requests sent by the browser with HTML or Javascript code in the request, which the server returns in the response, and the browser then executes in the context of the web app. In that context the browser is that of the victim of the attack - they’d be requests initiated by the victim visiting a malicious website or following a link in a phishing email or the like.

If I understand right how this attack works, a web page would contain a bunch of references to resources (e.g. 1x1 pixel images hidden behind some other element or something), whose URL is at a 192.168.0.x address, basically a shot in the dark guessing that that’ll be a resource reachable by the client.

1 Like

This topic was automatically closed after 5 days. New replies are no longer allowed.