alxk edited this page Nov 8, 2018 · 6 revisions

Introduction

Welcome to the dref wiki!

dref (DNS Rebinding Exploitation Framework) is intended to facilitate research into DNS rebinding attacks and their potential applications to security assessments.

If you're not familiar with DNS rebinding, have a quick read of the Wikipedia page and check out Robert Hansen's breakdown of the attack on YouTube.

If you want to deploy dref, proceed to the Setup section.

If you need help, or want to discuss dref and DNS rebinding, come chat on Gitter.

Use responsibly.

Limitations

There are several caveats to bypassing the Same-Origin Policy with dref.

DNS rebinding does not work:

  • over HTTPS
  • if services validate the Host header

The stable attack requires the browser to stay on the website for more than a minute. The Fast Rebind mode triggers instantly on some browser/OS combinations, but is not guaranteed to work.

On top of this, various tricks used by dref (such as port scanning from a browser) are fidgety by nature. Your mileage may vary.