Nmap Development mailing list archives
Re: [ncat] Thoughts about a --dns option?
From: David Fifield <david () bamsoftware com>
Date: Thu, 26 Nov 2009 11:38:07 -0700
On Sat, Nov 14, 2009 at 07:10:56PM -0600, Ron wrote:
> I was thinking of writing a "dnscat" program for the fun of it -- basically, a clone of netcat that, instead of going over a plain socket connection, sends all data through DNS. Then it occurred to me, could I just add a --dns option to Ncat, and leverage the infrastructure that others have built? I'm hoping it's possible, but, since I'm unfamiliar with the Ncat codebase, I was hoping to get opinions.
>
> Basically, the simplest way to implement this is for the client to poll their DNS server with CNAME requests that contain both a sequence number and a piece of data (basically, 1-datagoeshere.example.com). The server would respond with acknowledgments for each sequence number, and possibly data of its own (like 1-responsegoeshere.example.com). A random value (nonce) would likely be required, too, to fix issues with caching.
>
> I could see this being a very useful tool to communicate with a server (for example, a proxy server) in a situation where firewalls would normally prevent it. Not to mention transferring files, etc.
>
> Any thoughts on adding this as a part of Ncat? I'd be happy to do the coding, provided nobody says that it'll require a ton of reworking. :)

I don't think something like this belongs in Ncat but it is very interesting. In your explanation, the "DNS server" isn't just any old DNS server, but a custom data-transfer program that understands the protocol, correct?

I think this might work well implemented as a proxy server. That way anything could use it as a tunnel.

David Fifield
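
Added example, not part of the original message or of Ncat: a defender-side check that scans DNS query logs for the pattern described in the quoted proposal, namely CNAME lookups whose first label has the form `<sequence>-<data>` and whose sequence numbers climb under one zone. The label format is taken from the message's illustration; the function names, thresholds, log tuple layout and sample queries are assumptions made for this sketch.

```python
import math
import re
from collections import defaultdict

# Label shape quoted in the message above: "<sequence>-<data>", e.g. 1-datagoeshere
SEQ_LABEL = re.compile(r"^(\d+)-([a-z0-9-]+)$")

def entropy(s):
    """Shannon entropy of s in bits per character."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def suspect_zones(queries, min_unique=4, min_run=3):
    """Map zone -> stats for zones whose CNAME queries look like sequenced data.
    queries is an iterable of (qtype, qname). The zone is taken naively as the
    last two labels (assumption; production code would use the Public Suffix List)."""
    seen = defaultdict(list)
    for qtype, qname in queries:
        labels = qname.lower().rstrip(".").split(".")
        if qtype != "CNAME" or len(labels) < 3:
            continue
        m = SEQ_LABEL.match(labels[0])
        if m:
            seen[".".join(labels[-2:])].append((int(m.group(1)), m.group(2)))
    flagged = {}
    for zone, items in seen.items():
        seqs = [seq for seq, _ in items]
        run = best = 1  # longest run of consecutive sequence numbers, in arrival order
        for a, b in zip(seqs, seqs[1:]):
            run = run + 1 if b == a + 1 else 1
            best = max(best, run)
        unique = len({data for _, data in items})
        if unique >= min_unique and best >= min_run:
            mean_h = sum(entropy(d) for _, d in items) / len(items)
            flagged[zone] = {"unique": unique, "run": best, "entropy": round(mean_h, 2)}
    return flagged

# Constructed sample log (not captured traffic): a sequenced burst among normal lookups.
SAMPLE = [
    ("A", "www.example.org"),
    ("CNAME", "1-68656c6c6f20.example.com"),
    ("CNAME", "2-776f726c6421.example.com"),
    ("A", "mail.example.net"),
    ("CNAME", "3-666f6f626172.example.com"),
    ("CNAME", "4-62617a717578.example.com"),
    ("CNAME", "2-col.cdn.example.net"),
]

if __name__ == "__main__":
    print(suspect_zones(SAMPLE))
```

The single `2-col.cdn.example.net` lookup matches the label shape but is not flagged, because one query gives neither enough unique labels nor a consecutive run.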