1

ResolverFuzz: Automated Discovery of DNS Resolver Vulnerabilities with Query-Response Fuzzing

在本文中，我们提出了一个全新的工具ResolverFuzz用来模糊测试解析器。

Qifan Zhang, Xuesong Bai, Xiang Li, Haixin Duan, Qi Li, Zhou Li, ✉ Corresponding authors

TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities in DNS Response Pre-processing with Malformed Packets

本论文提出了“TuDoor攻击”，通过系统地探索并利用畸形数据包中DNS响应预处理的逻辑漏洞，导致DNS缓存投毒（1秒）、拒绝服务和资源消耗攻击。

Xiang Li, Wei Xu, Baojun Liu, Mingming Zhang, Zhou Li, Jia Zhang, Deliang Chang, Xiaofeng Zheng, Chuhan Wang, Jianjun Chen, Haixin Duan, Qi Li

BreakSPF: How Shared Infrastructures Magnify SPF Vulnerabilities Across the Internet

本论文提出了一个名为BreakSPF的攻击框架：攻击者新发现的一种绕过SPF协议并发起电子邮件欺骗攻击的方法。

Chuhan Wang, YASUHIRO KURANAGA, Yihang Wang, Mingming Zhang, Linkai Zheng, Xiang Li, Jianjun Chen, Haixin Duan, Yanzhong Lin, Qingfeng Pan

TsuKing: Coordinating DNS Resolvers and Queries into Potent DoS Amplifiers

In this paper, we present the TsuKing attack.

Wei Xu, Xiang Li, Chaoyi Lu, Baojun Liu, Jia Zhang, Jianjun Chen, Tao Wan, Haixin Duan

Under the Dark: A Systematical Study of Stealthy Mining Pools (Ab)use in the Wild

In this paper, we present a stealthy mining pool detection system.

Zhenrui Zhang, Geng Hong, Xiang Li, Zhuoqun Fu, Jia Zhang, Mingxuan Liu, Chuhan Wang, Jianjun Chen, Baojun Liu, Haixin Duan, Chao Zhang, Min Yang

Wolf in Sheep's Clothing: Evaluating the Security Risks of the Undelegated Record on DNS Hosting Services

本文对未授权的DNS记录的普遍性进行了全面的测量。

Fenglu Zhang, Yunyi Zhang, Baojun Liu, Eihal Alowaisheq, Lingyun Ying, Xiang Li, Zaifeng Zhang, Ying Liu, Haixin Duan, Min Zhang

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack

Temporal CDN-Convex Lens: A CDN-Assisted Practical Pulsing DDoS Attack.

Run Guo, Jianjun Chen, Yihang Wang, Keran Mu, Baojun Liu, Xiang Li, Chao Zhang, Haixin Duan, Jianping Wu

The Maginot Line: Attacking the Boundary of DNS Caching Protection

在本文中，我们报告了MaginotDNS，这是针对同时充当递归解析器和转发器（称为CDNS）的DNS服务器的强大缓存投毒攻击。

Xiang Li, Chaoyi Lu, Baojun Liu, Qifan Zhang, Zhou Li, Haixin Duan, Qi Li

DareShark: Detecting and Measuring Security Risks of Hosting-Based Dangling Domains

In this paper, we present a novel framework, HostingChecker (DareShark), for detecting domain takeovers.

Mingming Zhang, Xiang Li, Baojun Liu, Jianyu Lu, Jianjun Chen, Yiming Zhang, Xiaofeng Zheng, Haixin Duan, Shuang Hao

Demo: Ransom Vehicle through Charging Pile

Ransom attacks have attracted widespread attention from researchers, however, there have been relatively few researches on vehicles, especially for electric vehicles (EVs). Such attacks mainly accomplish their purpose by exploiting vulnerabilities of vehicle itself, but often have a narrow attack surface. In this demo with real EVs and public charging piles, we show a new approach, the Charging Pile Ransom Attack (CPRA), that can remotely ransom EVs through the charging connector between EVs and charging piles. Additionally, we design a physical plugin for charging connectors that can extend the EV models affected by the described ransom attack. In this case, the CPRA needs a preparing step to locally install the plugin on the connector.

Shangru Song, Hetian Shi, Ruoyu Lun, Yunchao Guan, Xiang Li, Jihu Zheng, Jianwei Zhuge