# DNS Rebinding It’s a way to get into private networks using the victim’s browser You have them go to your domain evil.com. You control the DNS server to that domain. Let’s say the IP address is 152.152.152.152 You give them a very short TTL for the DNS record. Now that they are on your site, you have them query your site additional times. Then, when the TTL for the DNS runs out, you give them a new IP for your site, like 10.10.10.15. That means they will make the query to 10.10.10.15, thinking they are querying your server. This allows you to make requests inside their private network, possibly compromising IoT devices and whatnot. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://heinosass.gitbook.io/leet-sheet/web-app-hacking/user-attacks/dns-rebinding.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.