Browsers protect against DNS rebinding by caching DNS entries for the entire browser session. even if the time-to-live sent by the server is short.
This demo attempts to steal a (harmless) HTML file from facebook.com
.
You need to visit this page twice; try closing your browser and opening it again.
(This uses the DNS thing and chargen to save some work)
Fix
Everything should verify the Host
header. Everything. Also, SSL everywhere.