
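Qi Wang, Xiang Li and Chuhan Wang_TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets.pdf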

Uploaded by: 张** ID: 175600 2024-09-13 41 pages 6.14 MB

#BHUSA BlackHatEvents

TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
Speaker(s): Qi Wang, Tsinghua University
Contributor(s): Xiang Li, Nankai University & Chuhan Wang, Tsinghua University

Slide 2: Attack Impact
Poisoning vulnerable resolvers cache within just one second.
Our TuDoor attack could poison arbitrary domains, e.g., .com .

Slide 3: Domain Name System (DNS)
DNS Overview
- Translating domain names to IP addresses
- Entry point of many Internet activities
- Domain names are widely
[Figure: a domain name resolved to 93.184.216.34; DNS as the entry point for Web, CDN, Email, Certificate]

Slide 4: Domain Name System (DNS)
Hierarchical Name Space
- Authoritative zones: root, TLD, SLD DNS records
- Domain delegation Domain registration
Multiple Resolver Roles
- Client, forwarder, recursive, authoritative
- Caching
Iterative Resolution Process
- Client-server style
[Figure: DNS namespace (".", net, com, example) with delegation between levels; DNS client, forwarder, recursive resolver and authoritative servers (root, TLD, SLD); steps 1-10: query, referral to TLD NS, referral to SLD NS, authoritative answer, response]

Slide 5: Domain Name System (DNS)
DNS Resolution Process
- Primarily over UDP
- Iterative and recursive
- Caching
[Figure: the same resolution diagram as on slide 4, with the query and response packets below]
Query: SP=50000, DP=53, TXID=; QD: A?; AN: (empty); AU: (empty); AR: (empty)
Response: SP=53, DP=50000, TXID=1001; QD: A?; AN: A 1.1.1.1; AU: (empty); AR: (empty)
Source port (65536) and TXID (65536): 32 bits space

Slide 6: Takeaway
Attackers have long been trying to manipulate its response for hijacking via cache poisoning attacks.
Since DNS is the cornerstone of the Internet, enabling multiple c

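This document introduces the TuDoor attack, a new class of DNS-related attacks covering DNS cache poisoning, denial of service, and resource consumption. The TuDoor attack exploits vulnerabilities in DNS response pre-processing logic and can poison a vulnerable resolver within one second. The document analyzes 28 DNS software packages and finds that 24 of them are vulnerable, which can lead to cache poisoning, denial of service, and resource consumption. An Internet scan further finds that, among 1.8 million vulnerable resolvers, 23.1% are susceptible to the TuDoor attack. Finally, the document discusses vulnerability disclosure and mitigation: all affected software was confirmed and fixed, and 33 CVE IDs were issued.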