Home Lab Setup SEED Labs Books Lectures Workshops
SEED Logo

DNS Rebinding Attack Lab

Overview

The objective of this lab is two-fold: (1) demonstrate how the DNS rebinding attack works, and (2) help students gain the first-hand experience on how to use the DNS rebinding technique to attack IoT devices. In the setup, we have a simulated IoT device (a thermostat), which can be controlled through a web interface (this is typical for many IoT devices). Many IoT devices do not have a strong protection mechanism, if attackers can directly interact with them, they can easily compromise these devices. However, due to firewalls and browser's sandbox protection, it is difficult for attackers to interact with the IoT servers. The goal of the attack in this lab is to use the DNS rebinding technique to circumvent these protections, so attackers can set the temperature value of the thermostat to a dangerously high value.

Tasks (PDF)

Time (Suggested)

  • Supervised (closely-guided lab session): 2 hours
  • Unsupervised (take-home project): 1 week

SEED Videos

SEED Books (English) (Chinese)

  • Computer & Internet Security: A Hands-on Approach, 2nd edition (§ 18)
  • Internet Security: A Hands-on Approach, 2nd edition (§ 4)
  • Chinese version, 1st edition (§ 15)

Feedback and Help

Please give us your feedback on this lab using this feedback form.
The SEED Labs project is open source. If you are interested in contributing to this project, please check out our Github page: https://github.com/seed-labs/seed-labs.