
Separate results for separate clients (feature discussion)


It seems to me, given my limited experience with this tool and combing through the source, that the configuration of both the “round robin” and “dns rebind” behavior is “global”. By that I mean that any client will trigger the DNS server to respond with its next response IP address, rather than having programmed DNS responses maintained separately for separate clients. E.g. if my dns.conf looks like this:

A some.website 192.168.200,192.168.1.1

And I make one DNS request from client A, with IP 170.30.28.50, I will receive a response of 192.168.200. If client B, with IP 180.33.250.79 then makes a request it would receive a response of 192.168.1.1.

If, however, I want to do a DNS rebind/round robin attack against multiple client IP addresses at once, it would be useful to “save program state” for each client. For instance, if I delivered a payload that sent one request to my server to GET the payload contents of an HTML file that contained JavaScript that made a second request (using the same domain name, but expecting it to resolve to an IP on the victim’s local network), I would want to be able to deliver that payload to two separate clients/victims at the same time without worrying that their activity would interfere with each other. Does that make sense?

Essentially, I’d like the round robin and dns rebind functionality to be local to requesting IPs. If IP A requests once, I’d like it to return 192.168.200, and if IP B requests immediately after, I’d like it to also receive 192.168.200. The next time both of them make a DNS lookup it should resolve to 192.168.1.1 to both of them. Am I correct in assuming this is not how the tool currently works?

The reason I bring this up is that I would be happy to add this functionality, but wanted to first propose it here and discuss it. This is something that would be very useful to me in my research as it allows the tool to be used in a “production” scenario, where many different clients can be attacked at once without stepping on each other’s toes, so to speak.

Issue Analytics

  • State: open
  • Created 6 years ago
  • Comments: 8 (8 by maintainers)
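
A defender-side check for the behavior the issue describes, added here as an example that is not part of the original issue or of the tool's code: it tracks answers per client and per name, and flags a name whose A record moves from a public address to an internal one for the same client within a short window. The log format, the 300-second window, the list of internal ranges and the public answer 203.0.113.10 are assumptions made for this example; the log lines are constructed.

```python
import ipaddress

# Assumed definition of "internal": RFC 1918, loopback and link-local IPv4 ranges.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed resolver log, one A answer per line:
# "<epoch seconds> <client IP> <queried name> <answer>"
SAMPLE_LOG = """\
1000 170.30.28.50 some.website 203.0.113.10
1002 180.33.250.79 some.website 203.0.113.10
1004 170.30.28.50 some.website 192.168.1.1
1005 170.30.28.77 intranet.example 192.168.1.20
1900 180.33.250.79 some.website 192.168.1.1
"""

def is_internal(addr):
    ip = ipaddress.ip_address(addr)  # raises ValueError on a malformed address
    return any(ip in net for net in INTERNAL_NETS)

def find_rebinds(log_text, window=300):
    """Return (client, name, public_answer, internal_answer) for every name whose
    answer moved from public to internal for the same client within `window` seconds."""
    last_public = {}  # (client, name) -> (timestamp, public answer)
    alerts = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip lines that are not in the assumed format
        ts, client, name, answer = fields
        try:
            ts, internal = int(ts), is_internal(answer)
        except ValueError:
            continue  # skip unparsable timestamps or addresses
        key = (client, name.lower().rstrip("."))
        if not internal:
            last_public[key] = (ts, answer)
        elif key in last_public and ts - last_public[key][0] <= window:
            alerts.append((client, key[1], last_public[key][1], answer))
            del last_public[key]
    return alerts

if __name__ == "__main__":
    for alert in find_rebinds(SAMPLE_LOG):
        print("possible DNS rebind:", alert)
```

Because state is keyed on the (client, name) pair, one client's lookups never mask or trigger an alert for another client, and a name that only ever resolves to an internal address is not flagged.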

Top GitHub Comments

1 reaction
Crypt0s commented, Mar 23, 2018

This is a great idea and I think a solution perfectly suited to fakeDNS. I’ll call the behavior of generating rules on the fly from a DNS request the “automangler” feature and I can start banging that out soon I think.

Base64 looks weird too, maybe rot13? I’ll try and make it able to handle several encodings maybe but start with one just to kick it off.

1 reaction
Crypt0s commented, Mar 21, 2018

Oh and thanks for helping and contributing!

