coredns-rebind - rebinds a domain from one IP address to another IP address to facilitate testing DNS Rebinding vulnerabilities.
This is a CoreDNS plugin. It rebinds domains from one IP address to another IP address. Use this plugin to learn more about DNS rebinding attacks or to test proof of concepts as a security researcher in a responsible manner.
This plugin is inspired by nccgroup/singularity and brannondorsey/whonow.
rebind example.com {
first_ip 1.2.3.4
second_ip 0.0.0.0
strategy first_then_second
}
- first_ip is the first IP address. This is usually an IP address that you own
- second_ip is the second IP address to rebind to. This is usually the target IP address of the vulnerable server
- strategy is one of the following:
- first_then_second: responds with the
first_ipand then responds with thesecond_ipaddress for all subsequent requests - random: responds with a random selection of
first_ipandsecond_ip - round_robin: responds in a round robin fashion of
first_ipand thensecond_ip
- first_then_second: responds with the
In this configuration, a DNS request to rebind.example.com will receive a response of 1.2.3.4. All future DNS requests will respond with 0.0.0.0.
example.com {
rebind rebind.example.com {
first_ip 1.2.3.4
second_ip 0.0.0.0
}
}
This package will always be compiled as part of CoreDNS and not in a standalone way. It will require you to use go get or as a dependency on plugin.cfg.
The manual will have more information about how to configure and extend the server with external plugins.
A simple way to consume this plugin, is by adding the following on plugin.cfg, and recompile it as detailed on coredns.io.
rebind:github.com/ivantsepp/coredns-rebind
Put this early in the plugin list, so that rebind is executed before any of the other plugins.
After this you can compile coredns by:
go generate
go buildOr you can instead use make:
make