[dns-operations] Injection Attacks Reloaded: Tunnelling Malicious Payloads over DNS

Ken N ken at linuxdeveloper.xyz
Wed Aug 18 01:04:54 UTC 2021

I even wrote a module for cloudflare's DNS api V4 with perl.

Hope you can find something useful from it. :)


On 2021/8/18 8:55 上午, Andrew Sullivan wrote:
> I recognize that this is true; but honestly, if we're trying to make 
> something safe we're not aiming at C programmers in the first place.  If 
> you're writing C programs today and you're not checking every single 
> input and output for malicious content, then you're a hazard to everyone 
> and not just your users.  The idea that such a problem could be solved 
> by "better resolvers" is just fatuous: all that will do is make better 
> malware.

More information about the dns-operations mailing list