What are the advantages of using AWS nameservers as opposed to servers provided by other registrars?

I am transferring a domain name from Namecheap to the AWS Route 53 service. AWS provides you with three options when transferring:

  1. Continue to use the name servers provided by the current registrar or DNS service.
  2. Import name servers from a Route 53 hosted zone that has the same name as the domain.
  3. Specify new name servers to replace the current registrar’s name servers (not recommended)

What is the advantage of using option 2 over the others? What is the difference in pros and cons between the options?

Author: YulePale

HTML Injection to blind SSRF testing retrieves only DNS Query

I recently came across an application that was vulnerable to HTML injection on the invite function. When I insert <img src="image.jpg"> the image got rendered on the mail I received.

I decided to test for blind SSRF out-of-band detection, so I gave the payload as <img src=" burp collaborator payload"> and sent the invite. When I analyzed the Burp Collaborator I received a DNS query which was like this below.

I couldn’t get any HTTP request from the server.

Is this vulnerable or not? If not, is there any possible way to escalate or any bypassing methods to get the HTTP request?

Author: None_None

Key Weirdness with Dict Return Result from Lookup and Dig

Delving deeper into Ansible has been fun (I will be honest, some parts of it feel tortured as you try to get more programmatic about it, and I know that’s my issue! lol. But really nice to get up and going).

For example, while I am sure there is an easier way to do the below (waiting on a DNS update before proceeding, feel free to suggest!) I was really surprised that I had to use the command as the key here.

Is there a cleaner way to use the lookup and verify the IP in the result is my question really (with a secondary hope that there is a better way than raw output from nslookup or ?? There has to be a pattern I haven’t found.)

Thanks

    - name: Wait for Google DNS to Update
      debug:
        var: lookup('dig', '{{ fqdn }}', '@8.8.8.8')
      register: test_var
      until: new_ip == test_var["lookup('dig', '{{ fqdn }}', '@8.8.8.8')"]
    #       new_ip in test_var doesn't work
    #      retries: 12
    #      delay: 5
    - name: and test_var is?
      debug:
        msg: "{{ test_var }}"

Here is the output:

    ok: [localhost] => {
        "msg": {
            "changed": false,
            "failed": false,
            "lookup('dig', 'test.com', '@8.8.8.8')": "192.138.219.231")
        }
    }

And thought that maybe query would get me the desired result. Though easier for multiple IPs to work with, still the same key ugliness…

    ok: [localhost] => {
        "msg": {
            "changed": false,
            "failed": false,
            "query ('dig', 'yahoo.com', '@8.8.8.8')": [
                "98.137.246.7",
                "98.138.219.231",
                "98.137.246.8",
                "72.30.35.10",
                "98.138.219.232",
                "72.30.35.9"
            ]
        }
    }

Author: IGotAHeadache

Why would Ubuntu treat NXDOMAIN as resolving to localhost?

Every time I should be getting an error because a domain does not exist (e.g. could not resolve host), I instead get an error about connecting to a loopback address:

    $ curl -4 -v https://nonexist.invalid
    Trying 127.0.0.1...

The problem only starts occurring about 2 seconds after establishing a wireless connection. For a short time, all works as expected.

I am using systemd-resolved and DNS appears to be working:

    $ readlink /etc/resolv.conf
    ../run/systemd/resolve/stub-resolve.conf
    $ dig +short A example.com
    192.0.2.1
    $ dig +short A nonexist.invalid
    $ systemd-resolve -t A nonexist.invalid
    nonexist.invalid: resolve call failed: No appropriate name servers or networks for name found

If name resolution looks okay, why would programs still appear to be resolving names to 127.0.0.1?

Author: anx