Xiang Li | 李想
Xiang Li | 李想
Home
Publications
Projects
Activities
Misc
Contact
Links
Light
Dark
Automatic
English
中文 (简体)
DNS Security
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
In this paper, we propose
ResolverFuzz
to fuzz the resolver.
Qifan Zhang
,
Xuesong Bai
,
Xiang Li
,
Haixin Duan
,
Qi Li
,
Zhou Li
Cite
Code
Project
ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing
在本文中,我们提出了一个全新的工具
ResolverFuzz
用来模糊测试解析器。
Qifan Zhang
,
Xuesong Bai
,
Xiang Li
,
Haixin Duan
,
Qi Li
,
Zhou Li
,
✉ Corresponding authors
Aug 14, 2024
DNS
Cite
Code
Project
TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets
This paper proposes the TuDoor Attack, by systematically exploring and exploiting logic vulnerabilities in DNS response pre-processing with malformed packets, leading to DNS cache poisoning (1s), denial-of-service, and resource consuming attacks.
Xiang Li
,
Wei Xu
,
Baojun Liu
,
Mingming Zhang
,
Zhou Li
,
Jia Zhang
,
Deliang Chang
,
Xiaofeng Zheng
,
Chuhan Wang
,
Jianjun Chen
,
Haixin Duan
,
Qi Li
Cite
Project
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
In this paper, we present the
TsuKing
attack.
Wei Xu
,
Xiang Li
,
Chaoyi Lu
,
Baojun Liu
,
Jia Zhang
,
Jianjun Chen
,
Tao Wan
,
Haixin Duan
Cite
Project
TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers
In this paper, we present the
TsuKing
attack.
Wei Xu
,
Xiang Li
,
Chaoyi Lu
,
Baojun Liu
,
Jia Zhang
,
Jianjun Chen
,
Tao Wan
,
Haixin Duan
Nov 26, 2023
DNS
Cite
Project
Wolf in Sheep's Clothing: Evaluating the Security Risks of the Undelegated Record on DNS Hosting Services
This paper conducted a comprehensive measurement to reveal the prevalence of undelegated DNS records.
Fenglu Zhang
,
Yunyi Zhang
,
Baojun Liu
,
Eihal Alowaisheq
,
Lingyun Ying
,
Xiang Li
,
Zaifeng Zhang
,
Ying Liu
,
Haixin Duan
,
Min Zhang
Cite
The Maginot Line: Attacking the Boundary of DNS Caching Protection
In this paper, we report
MaginotDNS
, a powerful cache poisoning attack against DNS servers that simultaneously act as recursive resolvers and forwarders (termed as
CDNS
).
Xiang Li
,
Chaoyi Lu
,
Baojun Liu
,
Qifan Zhang
,
Zhou Li
,
Haixin Duan
,
Qi Li
PDF
Cite
Code
Project
Slides
Source Document
The Maginot Line: Attacking the Boundary of DNS Caching Protection
在本文中,我们报告了
MaginotDNS
,这是针对同时充当递归解析器和转发器(称为
CDNS
)的DNS服务器的强大缓存投毒攻击。
Xiang Li
,
Chaoyi Lu
,
Baojun Liu
,
Qifan Zhang
,
Zhou Li
,
Haixin Duan
,
Qi Li
Aug 9, 2023
DNS
PDF
Cite
Code
Project
Slides
Source Document
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework,
HostingChecker
(
DareShark
), for detecting domain takeovers.
Mingming Zhang
,
Xiang Li
,
Baojun Liu
,
Jianyu Lu
,
Jianjun Chen
,
Yiming Zhang
,
Xiaofeng Zheng
,
Haixin Duan
,
Shuang Hao
PDF
Cite
Slides
DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains
In this paper, we present a novel framework,
HostingChecker
(
DareShark
), for detecting domain takeovers.
Mingming Zhang
,
Xiang Li
,
Baojun Liu
,
Jianyu Lu
,
Jianjun Chen
,
Yiming Zhang
,
Xiaofeng Zheng
,
Haixin Duan
,
Shuang Hao
Jun 19, 2023
DNS
PDF
Cite
Slides
»
Cite
×