Playing with file transfer over DNS https://sarsoo.github.io/dnstp/
Go to file
2024-02-12 19:38:07 +00:00
.github/workflows adding docker push to hub 2024-02-07 19:04:04 +00:00
.jenkins fixing jenkinsfile 2024-02-02 20:23:07 +00:00
dnstp more thorough error handling 2024-02-12 19:38:07 +00:00
dnstp-client working key handshake, client subcommands, just need to start encrypting and sending content 2024-02-11 22:30:07 +00:00
dnstp-server serialising public key to string, adding docs, shifting stuff about 2024-02-09 20:47:46 +00:00
.dockerignore adding dockerfile 2024-02-02 20:12:23 +00:00
.gitignore bidirectional header passing, adding question struct 2024-01-29 18:37:25 +00:00
Cargo.lock adding asym crypto, fixing txt, appending logs 2024-02-08 17:22:06 +00:00
Cargo.toml initial commit with working sockets 2024-01-28 19:30:59 +00:00
Dockerfile adding dockerfile 2024-02-02 20:12:23 +00:00
README.md serialising public key to string, adding docs, shifting stuff about 2024-02-09 20:47:46 +00:00

dnstp

Build Binaries

Transmitting files over dns piece by piece. Should be a pretty subtle way of sending files.

I remember I was listening to, I think, Security This Week with Carl Franklin. One of the hosts mentioned doing data exfiltration from a tight network by breaking the file down and sending it over DNS. I wanted to see how this could work. Read More.

I also wanted to play with a big rust project for standard targets with threading. Although I had a lot of fun with my browser-based checkers game, Draught, working against WASM has some restrictions.

Read the Docs

One of my aims was to see whether arbitrary data could be transmitted using more or less compliant DNS messages, i.e.not just sending junk over UDP to port 53. The closer to compliant DNS that the messages are, the more subtle the process is. In my own network, I have NAT rules that will redirect any DNS messages that are destined for external DNS servers to my own internal ones first. If the packets are crap and malformed, they could be rejected before they even reach my subtle server.