DNS-Shell is an interactive shell over a DNS channel. The server is Python based and can run on any operating system that has Python installed; the payload is an encoded PowerShell command.
The payload is generated when the server script is invoked. It simply uses nslookup to perform the queries and poll the server for new commands; the server listens on port 53 for incoming communications, and once the payload is executed on the target machine the server spawns an interactive shell.
Once the channel is established, the payload continuously polls the server for commands; when a new command is entered, it executes it and returns the result back to the server.
Running DNS-Shell is relatively straightforward.
DNS-Shell supports two modes of operation, direct and recursive:
- Perform a git clone from our DNS-shell Github page
- DNS-Shell direct mode: sudo python DNS-Shell.py -l -d [Server IP]
- DNS-Shell recursive mode: sudo python DNS-Shell.py -l -r [Domain]
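As an added defensive example (not part of DNS-Shell or its documentation), the following Python scores DNS query logs for the two traffic shapes the two modes described above produce: direct mode sends queries straight to a port-53 server that is not the sanctioned resolver, and recursive mode sends a stream of encoded data in the leftmost labels under one domain. The log format, the approved-resolver list, the thresholds and the log lines themselves are constructed assumptions for this example.

```python
import math
from collections import Counter, defaultdict

# Constructed DNS log sample (not real traffic), fields: time client dst_server qname.
# 10.0.0.7 sends a burst of long random-looking labels straight to an external IP.
SAMPLE_LOG = """\
10:00:01 10.0.0.5 10.0.0.2 www.example.com
10:00:02 10.0.0.5 10.0.0.2 mail.example.com
10:00:03 10.0.0.7 203.0.113.9 q3k9v2x7m1p8.cmd.tunnel-test.invalid
10:00:04 10.0.0.7 203.0.113.9 a8f2z1q9w4e7r6t5y3u1.cmd.tunnel-test.invalid
10:00:05 10.0.0.7 203.0.113.9 zx1cv2bn3m4as5df6gh7.cmd.tunnel-test.invalid
10:00:06 10.0.0.7 203.0.113.9 pl0ok9ij8uh7yg6tf5rd.cmd.tunnel-test.invalid
10:00:07 10.0.0.9 10.0.0.2 update.example.org
"""
APPROVED_RESOLVERS = {"10.0.0.2"}  # assumption: the only sanctioned DNS servers

def shannon_entropy(s):
    """Bits per character; encoded command/output data scores high."""
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())

def parse_log(text):
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield parts[1], parts[2], parts[3].rstrip(".").lower()

def parent_domain(qname):
    # crude "registered domain" = last two labels (use a public-suffix list in production)
    return ".".join(qname.split(".")[-2:])

def find_dns_shell_candidates(text, min_len=12, min_entropy=3.0, min_hits=3):
    """Return {(client, dst, parent_domain): [reasons]} for DNS-shell-like traffic."""
    hits, direct = defaultdict(int), set()
    for client, dst, qname in parse_log(text):
        key = (client, dst, parent_domain(qname))
        if dst not in APPROVED_RESOLVERS:   # direct mode: client talks to a foreign port-53 server
            direct.add(key)
        first = qname.split(".")[0]
        if len(first) >= min_len and shannon_entropy(first) >= min_entropy:
            hits[key] += 1                  # recursive mode: encoded data in the leftmost label
    alerts = {}
    for key in set(hits) | direct:
        reasons = []
        if key in direct:
            reasons.append("queries sent to an unapproved DNS server")
        if hits[key] >= min_hits:
            reasons.append(f"{hits[key]} long high-entropy labels under one domain")
        if reasons:
            alerts[key] = reasons
    return alerts
```

Feed it a real resolver or firewall DNS log in the same four-field shape to get per-client alerts; tune `min_hits` and `min_entropy` against your own baseline, since CDN and anti-spam lookups also produce long labels.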