EXTERNAL SERVICE INTERACTION (DNS)
I am facing the below issue in my project. Please suggest a possible solution.
It is possible to induce the application to perform server-side DNS lookups of arbitrary domain names.
The payload yacfs4cj5ocyq9mho4v2xqtq2h8bw3kwjk97zvo.burpcollaborator.net was submitted in the SSL SNI value and the HTTP Host header.
The application performed a DNS lookup of the specified domain.
The behavior appears to be asynchronous, and the Collaborator interaction occurred approximately 3 hours after the scan of the item was
You should review the purpose and intended use of the relevant application functionality, and determine whether the ability to trigger arbitrary external service interactions is intended behavior. If so, you should be aware of the types of attacks that can be performed via this behavior and take appropriate measures. These measures might include blocking network access from the application server to other internal systems, and hardening the application server itself to remove any services available on the local loopback adapter.

If the ability to trigger arbitrary external service interactions is not intended behavior, then you should implement a whitelist of permitted services and hosts, and block any interactions that do not appear on this whitelist.
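The finding reports that a value supplied in the HTTP Host header (and the TLS SNI) ended up in a server-side DNS lookup. The whitelist remediation in the report means the application must canonicalise the Host value and compare it against the hostnames it actually serves before that value reaches anything that builds URLs, picks an upstream, or resolves names. The following is an added example illustrating that check; it is not code from the original post or from PortSwigger, and the allowlist entries, the `canonical_host` / `is_allowed_host` function names and the sample request values are all constructed for illustration.

```python
"""Host header / SNI allowlist check for the "External service interaction
(DNS)" finding. Added example, not from the original post; the allowlist,
function names and request samples below are constructed."""
import re
from typing import Iterable, List, Optional, Tuple

# Constructed allowlist: the hostnames this deployment legitimately serves.
# In a real deployment this comes from configuration, never from the request.
ALLOWED_HOSTS = frozenset({"app.example.com", "www.example.com"})

# RFC 1123 hostname shape: labels of 1-63 chars, alnum/hyphen, no leading or
# trailing hyphen, whole name at most 253 chars. Anything else is rejected
# outright so it can never be handed to a resolver.
HOSTNAME_RE = re.compile(
    r"^(?=.{1,253}$)[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?"
    r"(?:\.[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?)*$"
)


def canonical_host(host_value: Optional[str]) -> Optional[str]:
    """Normalise a Host/SNI value for comparison against the allowlist.

    Lowercases, strips surrounding whitespace, removes an optional :port and a
    trailing dot, and returns None for anything that is not a plain hostname
    (IPv6 literals, userinfo, paths, non-numeric ports, empty values)."""
    if not host_value:
        return None
    value = host_value.strip().lower()
    # Split off ":port" if present. rpartition leaves value untouched when
    # there is no colon (sep == "").
    host, sep, port = value.rpartition(":")
    if sep:
        if not port.isdigit() or not 1 <= int(port) <= 65535:
            return None
        value = host
    value = value.rstrip(".")
    if not HOSTNAME_RE.match(value):
        return None
    return value


def is_allowed_host(host_value: Optional[str],
                    allowlist: Iterable[str] = ALLOWED_HOSTS) -> bool:
    """True only when the canonical form is an exact allowlist member.
    Suffix or substring matching is deliberately avoided: the attacker
    controls the left-hand side of the name they submit."""
    host = canonical_host(host_value)
    return host is not None and host in set(allowlist)


def triage_hosts(samples: Iterable[str]) -> List[Tuple[str, str]]:
    """Label each constructed Host value as 'accept' or 'reject', the decision
    the application (or the reverse proxy in front of it) should make before
    the value is used server-side."""
    return [(s, "accept" if is_allowed_host(s) else "reject") for s in samples]


if __name__ == "__main__":
    # Constructed request samples; the last one mimics a Collaborator-style
    # attacker-controlled name without using a real payload.
    constructed_samples = [
        "app.example.com",
        "App.Example.COM:443",
        "www.example.com.",
        "app.example.com.attacker.example",
        "user@app.example.com",
        "[::1]:443",
        "placeholder-payload.attacker.example",
    ]
    for value, decision in triage_hosts(constructed_samples):
        print(f"{decision:6}  Host: {value!r}")
```

The same decision should be made at the TLS terminator for the SNI value: configure the front-end server with a default virtual host that does not forward to the application, so unknown names are dropped before they reach application code. Keep the allowlist comparison exact; matching on a suffix such as `.example.com` would still accept attacker-chosen names that merely end in it.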
Rajiv, what seems to be the issue? Are you able to follow the remediation advice?