Playing with file transfer over DNS https://sarsoo.github.io/dnstp/
Go to file
Andy Pack cb22c94cde
All checks were successful
Build Binaries / Build & Test (push) Successful in 36s
Build Binaries / Package Library (push) Successful in 39s
Build Binaries / Package Container (push) Successful in 1m30s
bumping version number
2024-07-29 21:51:30 +01:00
.gitea/workflows writing creds to file 2024-07-28 13:00:52 +01:00
.github/workflows adding docker push to hub 2024-02-07 19:04:04 +00:00
.jenkins fixing jenkinsfile 2024-02-02 20:23:07 +00:00
dnstp adding key value upload capability 2024-07-29 21:51:05 +01:00
dnstp-client adding key value upload capability 2024-07-29 21:51:05 +01:00
dnstp-server adding key value upload capability 2024-07-29 21:51:05 +01:00
.dockerignore adding dockerfile 2024-02-02 20:12:23 +00:00
.gitignore bidirectional header passing, adding question struct 2024-01-29 18:37:25 +00:00
Cargo.lock bumping version number 2024-07-29 21:51:30 +01:00
Cargo.toml bumping version number 2024-07-29 21:51:30 +01:00
Dockerfile adding lib publish 2024-07-28 10:45:40 +01:00
README.md serialising public key to string, adding docs, shifting stuff about 2024-02-09 20:47:46 +00:00

dnstp

Build Binaries

Transmitting files over dns piece by piece. Should be a pretty subtle way of sending files.

I remember I was listening to, I think, Security This Week with Carl Franklin. One of the hosts mentioned doing data exfiltration from a tight network by breaking the file down and sending it over DNS. I wanted to see how this could work. Read More.

I also wanted to play with a big rust project for standard targets with threading. Although I had a lot of fun with my browser-based checkers game, Draught, working against WASM has some restrictions.

Read the Docs

One of my aims was to see whether arbitrary data could be transmitted using more or less compliant DNS messages, i.e.not just sending junk over UDP to port 53. The closer to compliant DNS that the messages are, the more subtle the process is. In my own network, I have NAT rules that will redirect any DNS messages that are destined for external DNS servers to my own internal ones first. If the packets are crap and malformed, they could be rejected before they even reach my subtle server.