Roger Meyer

- Did you try to perform a manual DNS rebinding attack using the default "First then second" rebinding strategy with the Singularity Manager web interface (/manager.html)? - Did you update...

Thank you for your contribution. We will consider merging each feature individually in future improvements.

From the screenshot, it looks like the DNS rebinding did not succeed. Did you try to manually verify that the target system is vulnerable to DNS rebinding as explained here...

Thank you for the update. We believe this is the cause of a recent new feature in the Chrome browser described at https://developer.chrome.com/blog/private-network-access-update/. For now it looks like rebinding to...

@tomverrecktecheib Can you please confirm that a basic DNS rebinding using the default "First then second" rebinding strategy worked? What browser and OS are you using?

It sounds like the DNS rebinding was not successful. Did you try the default "First then second" rebinding strategy with the Simple Fetch Get payload using the Singularity manager interface...

We have documented this issue in our new blog post at https://research.nccgroup.com/2023/04/27/state-of-dns-rebinding-in-2023/ explaining Local Network Access, a new draft W3C specification, implemented in Chrome. The blog post includes two ways...