Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

A New Class of DNS Vulnerabilities Affecting Many DNS-as-Service Platforms

Black Hat via YouTube

Overview

Explore a groundbreaking presentation on a novel class of DNS vulnerabilities affecting multiple DNS-as-a-Service (DNSaaS) providers, including major cloud platforms like AWS Route 53. Delve into the technical details of these vulnerabilities, which can potentially lead to the exfiltration of sensitive information from corporate networks, such as internal and external IP addresses, computer names, and even NTLM/Kerberos tickets. Understand the root cause of the problem, stemming from non-standard DNS resolver implementations and specific edge cases on the service provider's side. Learn about the research methodology, testing procedures, and initial analysis that led to the discovery of these vulnerabilities. Gain insights into the potential impact on national security and intelligence gathering. Examine the timeline of disclosure, mitigation strategies, and steps to block such attacks. Investigate the scope of affected services, misconfiguration issues, and registration processes. Conclude with an exploration of future research directions in dynamic DNS and a comprehensive summary of the findings.

Syllabus

Introduction
Why DNS as a Service
Route 53
How DNS Works
R53
Withio
Example
Testing
Initial Analysis
What is Dynamic DNS
Microsofts Algorithm
What Did We Learn
NationState Intelligence
IBBased Intelligence
Computer Names
ipv6 addresses
The scope
Timeline disclosure
Blocking the attack
Misconfiguration
Registration
Primary Name Server
Research Directions
Dynamic DNS
Summary

Taught by

Black Hat

Reviews

Start your review of A New Class of DNS Vulnerabilities Affecting Many DNS-as-Service Platforms

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.