DNS Rebinding Attack

Looking for vulnerable IoT devices on your home network.

Scanning {{ips.length}} IP addresses from {{startIp}} to {{endIp}}
Google Home IPs finished/started: {{googleHome.finishedIps.length}}/{{googleHome.startedIps.length}}
Roku IPs finished/started: {{roku.finishedIps.length}}/{{roku.startedIps.length}}
Radio Thermostat IPs finished/started: {{radioThermostat.finishedIps.length}}/{{radioThermostat.startedIps.length}}
Phillips Hue bridge IPs finished/started: {{phillips.finishedIps.length}}/{{phillips.startedIps.length}}
Sonos speaker IPs finished/started: {{sonos.finishedIps.length}}/{{sonos.startedIps.length}}

This proof-of-concept attack is a demonstration of DNS rebinding attacks in general and was created as a component in larger research on the subject in general. If you are interested in learning more you can read about the research in this blog post. You can also find source code here and here.

❤️ Brannon Dorsey
🐦   💻

{{Object.keys(roku.devices).length}} Roku found
{{Object.keys(googleHome.devices).length}} Google Home found
{{Object.keys(radioThermostat.devices).length}} Radio Thermostat found
{{Object.keys(phillips.devices).length}} Phillips Hue Bridge found
{{Object.keys(sonos.devices).length}} Sonos speaker found

The DNS Rebind attack was successful and a device has been found on your network. Your browser has been tricked into violating the Same-Origin Policy and HTTP requests have been made to interact with a device on your local network. The information below has been exfiltrated from your device and sent to a remote server that you do not control.