- May 4, 2019
- 801
By analyzing closed DNS resolvers on the Internet, we found numerous ISPs and hosting providers that are vulnerable to trivial Kaminsky attacks. This allows an attacker to manipulate the DNS name resolution of thousands of systems. As a consequence, e-mail redirections, account takeovers and even the compromise of entire systems may be possible. Closed DNS resolvers all across the world are affected.
This blog post describes the core problem of our research and how to find vulnerabilities in closed DNS resolvers. Furthermore, open-source tools such as the DNS Analysis Server, are introduced and provided. Lastly, we're showing how to take over a fully patched WordPress instance in a proof-of-concept exploit!
Melting the DNS Iceberg: Taking over your infrastructure Kaminsky style
Hidden DNS resolvers and how to compromise your infrastructure
sec-consult.com