Gérald Doussot

Hello, I've just tested with the latest version of Singularity, compiled with Go version "1.16.3", since we made a code change yesterday. It works for me. Maybe you pasted extraneous...

I've successfully tried "Hook and Control" against a service listening on localhost, with the latest version of the code and with the following configuration: - Client machine: macOS - Client...

If you see a request for resource "soopayload.html" on the target service, it means that DNS rebinding did not happen successfully in all likelihood. Specifically, using "Simple Fetch Get" with...

127.0.0.1 did not work with Unix-like hosts when using the "Multiple Answers" DNS rebinding strategy, but 0.0.0.0 did (check slide 38 of our 2019 State of DNS Rebinding DEF CON...

> But the target browser will not be able to send the httpOnly cookies to the attacker's browser because they are not accessible by getCookies, right? For the purpose of...

DNS rebinding gives you connectivity to a service, which would not normally be accessible in certain scenarios if it were not vulnerable to DNS rebinding. Adequate authentication and authorization controls...

I tried the `Hook and Control` attack with the latest Singularity git commit, and I was able to browse a hooked client service (via Firefox on Linux) from another machine...

It appears that the problematic proxy requests are going to the Singularity HTTP server (URLs starting with "https://s-"), rather than to the proxy server (URLs starting with a number). This...

Is port 7860 actually the port on which you performed DNS rebinding? Could the application be listening on two different ports? Also, have you checked the Singularity server logs for...

It seems that you are using the [text-generation-webui](https://github.com/oobabooga/text-generation-webui) application based on your screenshots. I've tried it, and it is indeed vulnerable to DNS rebinding attack, at least in its default...