Intranet Invasion With Anti-Dns Pinning presented at Blackhat USA 2007

by David Byrne,

Tags: Security Web

Summary : Cross Site Scripting has received much
attention over the last several years, although some of its more ominous
implications have not. DNS-pinning is a technique web browsers use to
prevent a malicious server from hijacking HTTP sessions. Anti-DNS
pinning is a newly recognized threat that, while not well understood by
most security professionals, is far from theoretical.