Cyber Security News

DNS Analyzer: A New Burp Suite Extension to Find DNS Flaws in Web Apps

DNS flaws are very common on web applications where the DNS resolvers are vulnerable to Kaminsky attacks.

If threat actors are able to predict portions of a DNS query and the source ports, they can exploit these vulnerabilities and gain unauthorized access to the servers.

Dan Kaminsky, the late security researcher, found a DNS flaw in 2008 in several Domain Name Servers (DNS which threat actors could’ve used for cache poisoning leading to several account takeovers, data breaches, and many others.

He developed some mechanisms and techniques for finding DNS flaws called Kaminsky attacks.

Burp Suite – DNS Analyzer

Burp Suite has many extensions contributed to and developed by several security researchers worldwide that can help ease the time and effort of penetration testers.

Most of the extensions are used by threat researchers worldwide, including Logger++, Turbo Intruder, Authorize, etc., 

However, a new extension has been released by Burp Suite called “DNS Analyzer,” which can help find DNS flaws. This extension can make Burp Collaborator act as a replacement for DNS Analysis Server.

DNS Analyzer Attack Flow

DNS Analyzer Attack Flow Source: SEC-Consult

The DNS analyzer will work alongside Burp Collaborator and create a domain name like “abclskjs.oastify.com.” This domain name is then used for testing in the forgot password, Registration, newsletter, etc.

The web application resolves the domain name by using a DNS Resolver.

When the DNS resolver sends the query to resolve the domain name, it is captured by the DNS Analyzer, which sends a non-manipulated DNS response to the DNS resolver.

The DNS Analyzer then examines the DNS interactions made between the Burp Collaborator and the Web application.

A complete report on the working structure of this extension and the Kaminsky attack is published.

“AI-based email security measures Protect your business From Email Threats!” – .

Eswar

Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.

Recent Posts

Critical Exim Mali Server Vulnerability Impacts 1.5 Million Email Servers

According to recent findings by security researchers, more than 1.5 million email servers are currently…

6 hours ago

AT&T Massive Data Breach – Affecting Nearly All Customers’ Call & Text Records

AT&T, one of the largest telecommunications companies in the United States, has disclosed a significant…

18 hours ago

FishXProxy Fuels Phishing Attacks with Clever Deceptive Attacks

Imagine receiving an email that looks legitimate, down to the last detail. This is the…

21 hours ago

Beware of Phishing Attack that Abuses SharePoint Servers

A massive phishing campaign exploits Microsoft SharePoint servers to host malicious PDFs containing phishing links.…

22 hours ago

Apple Warns of Users in 98 Countries of Targeted Spyware Attacks

Apple has alerted iPhone users in 98 countries about potential mercenary spyware attacks. This marks…

1 day ago

Citrix NetScaler ADC & Gateway Impacted by regreSSHion RCE Vulnerability

Qualys discovered a critical remote unauthenticated code execution (RCE) vulnerability, CVE-2024-6387, in OpenSSH’s server (sshd).…

1 day ago