
How does DNS rebinding work?

DNS rebinding works as follows:

DNS rebinding is a technique used by attackers to trick your web browser into making requests to a malicious server without your knowledge.

Attacker Sets Up Domain: The attacker creates a domain, like attacker.com, and controls a DNS server.

Short TTL Record: The attacker configures the DNS server to respond with a very short Time-To-Live (TTL) record. This prevents your browser from remembering the DNS response for a long time.

Victim Accesses Malicious Domain: When you visit a website associated with the attacker’s domain, the DNS server controlled by the attacker responds with the IP address of a server hosting malicious code (like JavaScript or Flash).

Malicious Code Executed: Your browser executes the malicious code, which may perform harmful actions on your computer.

Code Accesses Original Domain: The malicious code makes additional requests to the original domain (attacker.com). This is allowed by the same-origin policy, a security measure in web browsers.

New DNS Request: Because the short-TTL record has expired, the browser makes a new DNS request for the original domain, which the same-origin policy still treats as the same origin. However, the attacker’s DNS server replies with a new IP address.

IP Address Change: The new IP address could be an internal one or that of a different target, allowing the attacker to direct your browser to interact with other systems, potentially exploiting vulnerabilities.
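The steps above leave a recognizable trace in resolver logs: a name answers with an external address and a very short TTL, then answers with an internal address moments later. The following detection sketch is an added example, not code from the original page; the log layout, the thresholds and the function names are assumptions, and the sample lines are constructed.

```python
import ipaddress

# Address ranges treated as "internal" (loopback, RFC 1918, link-local, IPv6 equivalents).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fc00::/7", "fe80::/10")]

# Constructed sample log; the "epoch qname ttl answer" layout is an assumption.
SAMPLE_LOG = """\
1700000000 attacker.com 1 203.0.113.10
1700000000 example.org 300 198.51.100.7
1700000000 intranet.corp.example 60 10.0.0.5
1700000000 vpn.example.org 3600 198.51.100.30
1700000003 attacker.com 1 192.168.1.1
1700000090 intranet.corp.example 60 10.0.0.5
1700000200 vpn.example.org 3600 10.1.2.3
1700000400 example.org 300 198.51.100.7
"""

def is_internal(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)

def find_rebinding(log_text, max_ttl=10, window=300):
    """Return (qname, external_ip, internal_ip, seconds_between) for each name
    whose short-TTL external answer is followed by an internal answer."""
    records = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) == 4:  # skip blank lines and lines with the wrong field count
            records.append((int(parts[0]), parts[1].lower().rstrip("."),
                            int(parts[2]), parts[3]))
    records.sort(key=lambda r: r[0])  # process answers in time order
    last_external = {}  # qname -> (timestamp, ttl, ip) of latest external answer
    findings = []
    for ts, qname, ttl, ip in records:
        if not is_internal(ip):
            last_external[qname] = (ts, ttl, ip)
            continue
        prev = last_external.get(qname)
        if prev and prev[1] <= max_ttl and ts - prev[0] <= window:
            findings.append((qname, prev[2], ip, ts - prev[0]))
    return findings

if __name__ == "__main__":
    for finding in find_rebinding(SAMPLE_LOG):
        print("possible DNS rebinding:", finding)
```

Names that always resolve internally, and long-TTL names that legitimately move to an internal address, are not flagged under the default thresholds.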
