Separate results for separate clients (feature discussion)
It seems to me, given my limited experience with this tool and combing through the source, that the configuration of both the “round robin” and “dns rebind” behavior is “global”. By that I mean that any client will trigger the DNS server to respond with its next response IP address, rather than having programmed DNS responses maintained separately for separate clients. E.g. if my dns.conf looks like this:
A some.website 192.168.200,192.168.1.1
And I make one DNS request from client A, with IP 170.30.28.50, I will receive a response of 192.168.200. If client B, with IP 180.33.250.79 then makes a request it would receive a response of 192.168.1.1.
If, however, I want to do a DNS rebind/round robin attack against multiple client IP addresses at once, it would be useful to “save program state” for each client. For instance, if I delivered a payload that sent one request to my server to GET the payload contents of an HTML file that contained JavaScript that made a second request (using the same domain name, but expecting it to resolve to an IP on the victim’s local network), I would want to be able to deliver that payload to two separate clients/victims at the same time without worrying that their activity would interfere with each other. Does that make sense?
Essentially, I’d like the round robin and dns rebind functionality to be local to requesting IPs. If IP A requests once, I’d like it to return 192.168.200, and if IP B requests immediately after, I’d like it to also receive 192.168.200. The next time both of them make a DNS lookup it should resolve to 192.168.1.1 to both of them. Am I correct in assuming this is not how the tool currently works?
The reason I bring this up is that I would be happy to add this functionality, but wanted to first propose it here and discuss it. This is something that would be very useful to me in my research as it allows the tool to be used in a “production” scenario, where many different clients can be attacked at once without stepping on each other’s toes, so to speak.
Issue Analytics
- Created 6 years ago
- Comments: 8 (8 by maintainers)
Top GitHub Comments
This is a great idea and I think a solution perfectly suited to fakeDNS. I’ll call the behavior of generating rules on the fly from a DNS request the “automangler” feature and I can start banging that out soon I think.
Base64 looks weird too, maybe rot13? I’ll try and make it able to handle several encodings maybe but start with one just to kick it off.
Oh and thanks for helping and contributing!
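The answer pattern discussed in this thread, seen from the resolver side, as an added example that is not part of the issue or the project's code: it flags names that answer with an external address and later with an internal one. State is kept per name rather than per client, so the flip is caught whether the server rotates answers globally or per requesting IP. The log tuple format, names and addresses are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

# Ranges treated as "internal" for this check (RFC 1918, loopback, link-local).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "127.0.0.0/8", "169.254.0.0/16")]

# Constructed resolver log: (client IP, queried name, answer IP).
SAMPLE_LOG = [
    ("10.0.0.5", "some.website", "203.0.113.10"),
    ("10.0.0.6", "some.website", "203.0.113.10"),
    ("10.0.0.5", "some.website", "192.168.1.1"),
    ("10.0.0.6", "Some.Website.", "192.168.1.1"),
    ("10.0.0.5", "intranet.example", "192.168.1.20"),  # internal only
    ("10.0.0.7", "cdn.example", "198.51.100.7"),       # external rotation
    ("10.0.0.7", "cdn.example", "198.51.100.8"),
    ("10.0.0.7", "cdn.example", "not-an-ip"),          # malformed answer
]

def is_internal(addr):
    """True if addr falls in one of INTERNAL_NETS; ValueError if unparseable."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in INTERNAL_NETS)

def find_rebind_candidates(log):
    """Map each name that flipped external -> internal to the clients
    that received the internal answer."""
    seen_external = set()
    flagged = defaultdict(set)
    for client, name, answer in log:
        try:
            internal = is_internal(answer)
        except ValueError:
            continue  # skip answers that are not valid IP addresses
        name = name.lower().rstrip(".")  # DNS names are case-insensitive
        if not internal:
            seen_external.add(name)
        elif name in seen_external:
            flagged[name].add(client)
    return {n: sorted(c) for n, c in flagged.items()}

if __name__ == "__main__":
    for name, clients in find_rebind_candidates(SAMPLE_LOG).items():
        print(f"{name}: internal answer after external, clients={clients}")
```

Names that only ever resolve internally, or only rotate between external addresses, are not flagged.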