Normally requests from code embedded in web pages (JavaScript, Java, Flash) are limited to the website they are originating from (same-origin policy). DNS rebinding attack can be used to improve ability of JavaScript based malware to penetrate private networks, subverting the same-origin policy.The basis of this attack is old. It was described by the Princeton University in 1996. For the attack to succeed the…
1 citazione | fonte: Alessandro "jekil" Tanasi blog | leggi il post
Connesso.org il 7 settembre 2007
[Fonte: ziobudda.net] Utile lettura, qui, su come una semplice redirezione del nostro DNS può aiutare i “malvagi” a farci qualche dispetto… [Tags] [Browsers, DNS, Pinning, Rebinding]