TuDoor Attack: Systematically Exploring and Exploiting Logic Vulnerabilities
Unknown
Black Hat USA 2024 · Day 1 · Briefing
The "TuDoor Attack" presentation at Black Hat USA unveiled a novel class of DNS cache poisoning attacks that systematically exploit logic vulnerabilities in how DNS resolvers process malformed packets. Presented by Chiwan from Tsinghua University on behalf of his colleagues Shang Lee and Chuhan Wang, the talk detailed a new set of DNS-based attacks, collectively termed TuDoor, capable of rapidly poisoning arbitrary top-level domains like `.com` and `.net` within a mere second. This discovery represents a significant leap in the ongoing cat-and-mouse game between DNS defenders and attackers, highlighting critical oversights in current DNS response processing logic.