Playing with file transfer over DNS https://sarsoo.github.io/dnstp/
Go to file
Andy Pack e87db6f6a5
Some checks failed
Build Binaries / Build & Test (push) Successful in 51s
Build Binaries / Package Library (push) Failing after 42s
Build Binaries / Package Container (push) Successful in 1m33s
fixing cargo repo url
2024-07-28 11:30:28 +01:00
.gitea/workflows fixing cargo repo url 2024-07-28 11:30:28 +01:00
.github/workflows adding docker push to hub 2024-02-07 19:04:04 +00:00
.jenkins fixing jenkinsfile 2024-02-02 20:23:07 +00:00
dnstp adding repo when publishing 2024-07-28 11:17:02 +01:00
dnstp-client adding repo when publishing 2024-07-28 11:17:02 +01:00
dnstp-server adding repo when publishing 2024-07-28 11:17:02 +01:00
.dockerignore adding dockerfile 2024-02-02 20:12:23 +00:00
.gitignore bidirectional header passing, adding question struct 2024-01-29 18:37:25 +00:00
Cargo.lock updating deps 2024-07-28 10:54:01 +01:00
Cargo.toml initial commit with working sockets 2024-01-28 19:30:59 +00:00
Dockerfile adding lib publish 2024-07-28 10:45:40 +01:00
README.md serialising public key to string, adding docs, shifting stuff about 2024-02-09 20:47:46 +00:00

dnstp

Build Binaries

Transmitting files over dns piece by piece. Should be a pretty subtle way of sending files.

I remember I was listening to, I think, Security This Week with Carl Franklin. One of the hosts mentioned doing data exfiltration from a tight network by breaking the file down and sending it over DNS. I wanted to see how this could work. Read More.

I also wanted to play with a big rust project for standard targets with threading. Although I had a lot of fun with my browser-based checkers game, Draught, working against WASM has some restrictions.

Read the Docs

One of my aims was to see whether arbitrary data could be transmitted using more or less compliant DNS messages, i.e.not just sending junk over UDP to port 53. The closer to compliant DNS that the messages are, the more subtle the process is. In my own network, I have NAT rules that will redirect any DNS messages that are destined for external DNS servers to my own internal ones first. If the packets are crap and malformed, they could be rejected before they even reach my subtle server.