Olivier van der Toorn

The DNS TXT resource record is the one that without doubt provide users with
the most flexibility of content, as it is a largely unstructured. Although it
might be the ideal basis for storing any form of text-based information, it
also poses a security threat, as TXT records can also be used for malicious
and unintended practices. Yet, we reckon that TXT records are often overlooked
in security research. In this paper, we present the first structured study of
the uses of TXT records, with a specific focus on security implications. We
are able to classify over 99.54% of all TXT records in our dataset, finding
security issues including accidentally published private keys and exploit
delivery attempts. We also report our lessons learned while dealing with a
large-scale, systematic analysis of TXT records.


Title TXTing 101: Finding Security Issues in the Long Tail of DNS TXT Records
Authors Olivier van der Toorn, Roland van Rijswijk-Deij, Tobias Fiebig, Martina Lindorfer, and Anna Sperotto
Publication date September 2020
Journal 5th Internation Workshop on Traffic Measurements for Cybersecurity (WTMC 2020)