Your son has been crank calling 911.
Worst Enemy??™s: That??™s terrible. He is so grounded.
In the end, Rich??™s worst enemy would get grounded, and Rich would go on a date
with Worst Enemy??™s girl, and everyone would live happily ever after all thanks to
rebinding phone numbers.
Back to DNS Rebinding
DNS rebinding uses the same style of attack with a much different outcome. The similarity
is that the attacker convinces the browser, operating system, and/or the browser plugins
to trust some domain name, and then the attacker switches the IP address of the
Chapter 9: Attacking Flash Applications 239
trusted domain name at the next moment so that the victim trustingly connects to a
different IP address.
The difference is that web security is not based on IP addresses; it is based on domain
names. So even though the IP address changes ???under the hood,??? the trust spans across
the all the IP addresses associated with the domain name. The outcome is that the victim
becomes a proxy between the evil web site on the Internet and any internal IP address
and port in the victim??™s intranet.
We??™ll explain the attack in detail, using an example by which an attacker takes control
of a victim??™s home router.
Pages:
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416