Overview
Explore a groundbreaking presentation on a novel class of DNS vulnerabilities affecting multiple DNS-as-a-Service (DNSaaS) providers, including major cloud platforms like AWS Route 53. Delve into the technical details of these vulnerabilities, which can potentially lead to the exfiltration of sensitive information from corporate networks, such as internal and external IP addresses, computer names, and even NTLM/Kerberos tickets. Understand the root cause of the problem, stemming from non-standard DNS resolver implementations and specific edge cases on the service provider's side. Learn about the research methodology, testing procedures, and initial analysis that led to the discovery of these vulnerabilities. Gain insights into the potential impact on national security and intelligence gathering. Examine the timeline of disclosure, mitigation strategies, and steps to block such attacks. Investigate the scope of affected services, misconfiguration issues, and registration processes. Conclude with an exploration of future research directions in dynamic DNS and a comprehensive summary of the findings.
Syllabus
Introduction
Why DNS as a Service
Route 53
How DNS Works
R53
Withio
Example
Testing
Initial Analysis
What is Dynamic DNS
Microsofts Algorithm
What Did We Learn
NationState Intelligence
IBBased Intelligence
Computer Names
ipv6 addresses
The scope
Timeline disclosure
Blocking the attack
Misconfiguration
Registration
Primary Name Server
Research Directions
Dynamic DNS
Summary
Taught by
Black Hat