SEED Project

DNS Rebinding Attack Lab

Overview

The objective of this lab is two-fold: (1) demonstrate how the DNS rebinding attack works, and (2) help students gain the first-hand experience on how to use the DNS rebinding technique to attack IoT devices. In the setup, we have a simulated IoT device (a thermostat), which can be controlled through a web interface (this is typical for many IoT devices). Many IoT devices do not have a strong protection mechanism, if attackers can directly interact with them, they can easily compromise these devices. However, due to firewalls and browser's sandbox protection, it is difficult for attackers to interact with the IoT servers. The goal of the attack in this lab is to use the DNS rebinding technique to circumvent these protections, so attackers can set the temperature value of the thermostat to a dangerously high value.

Tasks (English) (Spanish)

VM version: This lab has been tested on our SEED Ubuntu-20.04 VM
Lab setup files
- Labsetup.zip
- Labsetup-arm.zip (for Apple Silicon machines)
Manual:: Docker manual

Time (Suggested)

Supervised (closely-guided lab session): 2 hours
Unsupervised (take-home project): 1 week

SEED Videos

Udemy: Internet Security: A Hands-on Approach (§ 7)
Identical videos are available on NetEase (for Mainland China)

SEED Books (English) (Chinese)

Feedback and Help

	Please give us your feedback on this lab using this feedback form.
	The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.