Pentesting Tools Sniffing & Spoofing

DNSteal – DNS Exfiltration tool for stealthily sending files over DNS requests.

DNSteal – DNS Exfiltration tool

This is a fake DNS server that allows you to stealthily extract files from a victim machine through DNS requests.

Below is an image showing an example of how to use:

dnsteal

On the victim machine, you simply can do something like so:

Support for multiple files

gzip compression supported
It also supports compression of the file to allow for faster transfer speeds, this can be achieved using the “-z” switch:

Then on the victim machine send a Gzipped file like so:

or for multiple, gzip compressed files:

I started blogging around 2011 at #Ubuntupirates, #ProjectX and #pir8geek, I’m currently working as Network/Linux SysAdmin.

I’m a Linux,opensource advocate and interested in network security and InfoSec.

Leave a Reply