Xiang Li | 李想
Xiang Li | 李想
Home
Publications
Projects
Activities
Misc
Contact
Links
Light
Dark
Automatic
English
中文 (简体)
1
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
In this paper, we propose
Phoenix Domain
, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.
Xiang Li
,
Baojun Liu
,
Xuesong Bai
,
Mingming Zhang
,
Qifan Zhang
,
Zhou Li
,
Haixin Duan
,
Qi Li
PDF
Cite
Code
Project
Slides
Source Document
DOI
Ghost Domain Reloaded: Vulnerable Links in Domain Name Delegation and Revocation
In this paper, we propose
Phoenix Domain
, a general and novel attack that allows adversaries to maintain the revoked malicious domain continuously resolvable at scale, which enables an old, mitigated attack, Ghost Domain.
Xiang Li
,
Baojun Liu
,
Xuesong Bai
,
Mingming Zhang
,
Qifan Zhang
,
Zhou Li
,
Haixin Duan
,
Qi Li
Feb 27, 2023
DNS
PDF
Cite
Code
Project
Slides
Source Document
DOI
Fast IPv6 Network Periphery Discovery and Security Implications
We introduce a novel IPv6 network scanning technique and develop a fast network scanner
XMap
to evaluate it, harvesting
52M
devices. We leverage
XMap
to measure the unintended exposed IPv6 services and uncover a common IPv6 routing loop vulnerability and receive >109 CNVD/CVE.
Xiang Li
,
Baojun Liu
,
Xiaofeng Zheng
,
Haixin Duan
,
Qi Li
,
Youjun Huang
PDF
Cite
Code
Project
Slides
Video
Fast IPv6 Network Periphery Discovery and Security Implications
本工作从全新的扫描角度出发,提出了一种新型的IPv6网络扫描技术,用于发现位于网络拓扑中重要位置的IPv6网络边界设备,同时设计并实现了全新的IPv6网络扫描器:
XMap
,可被用来进行大规模的扫描探测工作。通过利用XMap,本工作在若干个运营商的网络环境下发现了数以千万计的IPv6网络边界设备,并对其暴露的关键网络服务进行了深入的安全分析。此外,利用XMap,本工作发现了一个普遍存在的通用型路由循环漏洞(影响数十家路由器厂商),申请到了多于109个漏洞编号,并向厂商提供了合理的披露和有效的修复方案。
Xiang Li
,
Baojun Liu
,
Xiaofeng Zheng
,
Haixin Duan
,
Qi Li
,
Youjun Huang
Jun 21, 2021
IPv6
PDF
Cite
Code
Project
Slides
Video
«
Cite
×