PacketWhisper – Stealthily Exfiltrate Data And Defeat Attribution Using DNS Queries And Text-Based Steganography

PacketWhisper – Stealthily Exfiltrate Data And Defeat Attribution Using DNS Queries And Text-Based Steganography

PacketWhisper – Stealthily Transfer Data & Defeat Attribution Using DNS Queries & Text-Based Steganography, with out the necessity for attacker-managed Name Servers or domains; Evade DLP/MLS Devices; Defeat Data- & DNS Name Server Whitelisting Controls. Convert any file kind (e.g. executables, Office, Zip, pictures) into an inventory of Fully Qualified Domain Names (FQDNs), use DNS queries to switch knowledge. Simple but extraordinarily efficient.


Joe Gervais (TryCatchHCF)

Why is that this completely different from each different DNS exfiltration approach?

Traditional DNS exfiltration depends on one of many following: DNS tunneling; Hiding knowledge in DNS question fields; or Encoded / encrypted payloads which are damaged up and used as subdomains within the DNS question. All of those strategies require that the attacker management a website and/or an related DNS Name Server to obtain the info, which ends up in attribution. Those approaches are additionally susceptible to DNS Name Server blacklisting (frequent) and whitelisting (more and more frequent). Another drawback is that DFIR analysts are conversant in these strategies, and SIEM programs will usually detect and alert on seeing them.

PacketWhisper overcomes these limitations.

What if knowledge might be transferred utilizing the goal’s personal whitelisted DNS servers, with out the speaking programs ever immediately connecting to one another or to a typical endpoint? Even if the community boundary employed knowledge whitelisting to dam knowledge exfiltration?

How It Works

To make all of it occur, PacketWhisper combines DNS queries with textual content-based mostly steganography. Leveraging the Cloakify Toolset, it transforms the payload into an inventory of FQDN strings. PacketWhisper then makes use of the listing of FQDNs to create sequential DNS queries, transferring the payload throughout (or inside) community boundaries, with the info hidden in plain sight, and with out the 2 programs ever immediately connecting to a one another or to a typical endpoint. The ciphers utilized by PacketWhisper present a number of ranges of deception to keep away from producing alerts in addition to to mislead evaluation makes an attempt.

To obtain the info, you seize the community visitors containing the DNS queries, utilizing no matter technique is most handy for you. (See “Capturing The PCAP File” under for examples of seize factors.) You then load the captured PCAP file into PacketWhisper (operating on no matter system is handy), which extracts the payload from the file and Decloakifies it into its authentic kind.

DNS is a horny protocol to make use of as a result of, despite the fact that it is a comparatively sluggish technique of transferring knowledge, DNS is nearly all the time allowed throughout community boundaries, even on essentially the most delicate networks.

Important word: We’re utilizing DNS queries to switch the info, not profitable DNS lookups. PacketWhisper by no means must efficiently resolve any of its DNS queries. In truth PacketWhisper does not even have a look at the DNS responses. This expands our use circumstances, and underscores the truth that we by no means want to regulate a website we’re querying for, by no means want to regulate a DNS Name Server dealing with DNS requests.

So utilizing PacketWhisper, we rework a payload that appears like this:

Into an inventory of FQDNs like this:

Which PacketWhisper turns into DNS queries that present up in community visitors like this:

Which you seize as a PCAP file wherever alongside the DNS decision path, after which load that PCAP into your native copy of PacketWhisper to get well the payload:


See the DEF CON 26 slides (included in challenge) from my Packet Hacking Village presentation. The slides current background on DNS exfiltration, textual content-based mostly steganography / Cloakify Toolset, and the way PacketWhisper combines all of them into a technique for transferring knowledge. I particularly created the slides to be helpful on their very own, so the background and knowledge needs to be full. However you too can view the video of my DC26 Packet Hacking Village presentation which offers further context. [NOTE: Video should be online sometime in September, at which point I’ll add the URL here.]

I’ve included a pattern PCAP file within the challenge (cleverly named “sample.pcap”) that incorporates separate payloads for every of the ciphers. They might have been any filetype, after all, however on this case I simply transmitted textual content information into the PCAP. Load it up in PacketWhisper and provides it a strive!

As a fast take a look at in your personal setting, run PacketWhisper from a VM, then ship a file whereas doing a packet capture on the VM’s community interface through the host system. You can then load the PCAP file into whichever PacketWhisper occasion is handy to decode the file. Just keep in mind it isn’t a speedy switch. Smaller information and endurance are your pal.


  1. Python 2.7.x (3.6.x port is underway)
  2. For decoding payloads: tcpdump (included on Linux & MacOS) or WinDump (Windows)

Question: “Why didn’t you use Scapy or dnspython toolset?”

Answer: I hate challenge dependencies in my operational instruments. I preserve my initiatives as atomic, self-contained as potential for max reliability, particularly on the shopper facet the place I could not management the setting and/or have minimal privileges. The approach PacketWhisper is structured, I can get it operating on a restricted shell host simply by tar’ing up the challenge and extracting on the goal host.

Question: “Why isn’t PacketWhisper a project fork of Cloakify Toolset?”

Answer: Same reply as above. We solely want a really particular subset of Cloakify’s capabilities, and including every little thing else to PacketWhisper would simply result in a cluttered listing and instruments/ciphers that may’t be utilized by PacketWhisper. Since I personal each initiatives, I promise to synchronize any adjustments between the 2.

Run PacketWhisper

$ python

FQDN-Based Ciphers

FQDN-based mostly ciphers consist of three classes:

  1. Unique Random Subdomain FQDNs (Recommended – avoids DNS caching, overcomes NAT)
  2. Unique Repeating FQDNs (DNS could cache, however overcomes NAT)
  3. Common Website FQDNs (DNS caching could block, NAT interferes)

Unique Random Subdomain FQDNs


These are FQDNs with randomized parts constructed into the subdomains. This helps forestall DNS caching, whereas additionally permitting us to switch knowledge past a NAT’d community units which may be alongside the DNS question path. Since the sending system’s IP deal with is not obtainable past the NAT machine, the cipher-generated subdomains comprise distinctive tag parts to assist us establish PacketWhisper payloads within the packet seize.

These ciphers mimic the codecs of assorted companies that depend on complicated subdomains as a method to establish a session, consumer, cached content material and many others. This method helps PacketWhisper’s DNS queries mix in with the remainder of the community’s visitors.

The first a part of the subdomain identify is definitely a string from the cipher listing. The remainder of the subdomain identify is randomized to make every FQDN distinctive, which prevents DNS caching from shutting down the DNS question path prematurely. We then add the area identify. We assemble the FQDNs this solution to appear like the standard FQDNs related to the chosen area, to mix in higher with regular webtraffic seen on any community.

Unique Repeating FQDNs

Created to face out from all different DNS queries on the community, however with none randomization concerned. This signifies that DNS caching could intrude, however as a facet profit your DNS queries can be simple so that you can discover even within the largest assortment of multi-shopper pcaps. This is because of the truth that the FQDNs are odd endpoints, just like the listing of “Johns” (Red Lectroid aliens) on the fictional Yoyodyne Propulsion Systems from the film ‘Buckaroo Banzai Across the eighth Dimension’.

Common Website FQDNs

These are FQDNs constructed out of frequent Website URLs.

NOTE: Since most environments are NAT’d on the perimeter (eradicating visibility of shopper’s IP deal with), this mode is usually solely helpful for transferring knowledge between programs related to the identical native /24 community (for instance, the visitor wifi at your favourite espresso store).

Since Common Website ciphers solely have the supply IP deal with as a solution to distinguish its queries from all the opposite comparable DNS queries on the community, PacketWhisper will transmit a novel “knock sequence” DNS question at starting and finish of the payload, which helps us pick the transmitting host from the pcap file later.

Transmitting the Cloakified Payload

Once you’ve got chosen a cipher, PacketWhisper encodes (Cloakifies) the payload into an inventory of FQDN strings per the specified cipher. It then sequentially generates DNS requests to ship the info alongside the DNS decision path. PacketWhisper provides a small delay between every DNS question, which helps forestall out-of-order DNS requests.

Capturing the PCAP File

The key ingredient right here is after all having the ability to seize the community visitors containing the DNS queries that PacketWhisper generated. There are quite a lot of choices, because you solely have to be someplace, wherever, with visibility to the DNS question path.

Example Points of Capture:

  • Connected to the identical native community (e.g. your native espresso store)
  • Systems and units which are inside to the group
  • Perimeter community home equipment
  • Network infrastructure exterior of the group
  • Network faucet wherever alongside the question path

Use your creativeness. Any machine alongside the DNS decision path is an possibility, together with wall shows. “Wait, what?”

NOTE: VPN connections block visibility between host and VPN exit node. If the shopper you are transferring from has an energetic VPN connection, you will not have the ability to see any DNS queries until you may seize upstream from the VPN exit node. Even capturing on the identical system will fail. Since a lot of you might be in all probability utilizing VPNs, if you wish to take a look at out PacketWhisper, strive transmitting from a hosted virtual machine (VM) and seize the visitors on the VM’s community interface on the host system.

Extracting The Payload

Once you’ve got captured the pcap file, get well the payload by operating PacketWhisper on a system that has tcpdump (included on Linux & MacOS) or WinDump (Windows) put in. PacketWhisper will ask you which of them cipher was used, then extract the payload from the pcap, and at last decode the extracted payload with the matching cipher.

Important word: Within the identical PCAP, you may transmit one payload per cipher used. A PCAP containing a couple of payload utilizing the identical cipher will trigger issues. For instance my provided ‘instance.pcap’ file incorporates 5 payloads, one for every of the operational ciphers at present obtainable. If one of many payloads had used the identical cipher as one other one, PacketWhisper will fail to extract both of them. The simple repair is to interrupt up the PCAP file (that is why the PacketWhisper transmit code prints out the UTC date-time when beginning and ending transmission). I’m engaged on permitting a number of payloads utilizing the identical cipher, answer is already in place, I simply have to get round to it.

Limitations / Use Notes

Be certain your PCAP file is definitely PCAP format. If you used tcpdump or WinDump to seize the file you will be high quality. Wireshark nonetheless provides all kinds of “Save As…” choices for saving Wireshark visitors, solely one in all which is definitely tcpdump/PCAP pleasant. I’m engaged on higher error reporting to assist catch errors early.

Not a safe encryption scheme. PacketWhisper just isn’t a safe encryption scheme. It’s susceptible to frequency evaluation assaults. Use the ‘Unique Random Subdomain FQDNs’ class of ciphers so as to add entropy and assist degrade frequency evaluation assaults. If payload secrecy is required, make sure you encrypt the payload earlier than utilizing PacketWhisper to course of it.

Not a excessive-bandwidth switch technique. PacketWhisper depends on DNS queries, that are UDP-based mostly, that means order of supply (and even profitable supply) of the request just isn’t assured. PacketWhisper by default provides a small (half-second) delay between every DNS question. You can safely switch payloads at a charge of about 7.2K per hour (120 bytes per minute). That’s based mostly on the dimensions of the unique payload, not the Cloakified output file. You can go for no delay between between queries, which dramatically hastens the switch however on the threat of elevated community noise and corrupted payload.

And let’s face it, in case you have non-DNS modes of knowledge switch obtainable, you may simply use the primary Cloakify Toolset challenge to cover the file in plain sight (possibly flip the payload into an inventory of PokemonGo monsters w/ LatLon coordinates) and use all that top bandwidth obtainable through FTP/HTTP/and many others. DNS is extraordinarily helpful when different protocols are blocked, however all the time pay attention to your choices.

DNS is DNS. Different OS’s have completely different DNS caching insurance policies, and many others. Networks could also be down, remoted, and many others. PacketWhisper features a fast handbook verify to see if it may well resolve frequent FQDNs, however DNS is usually a messy enterprise. Remember the previous IT troubleshooting mantra: “It’s always DNS.”

Detection / Prevention

See the DEF CON 26 slides (included in challenge) from my Packet Hacking Village presentation. Mitigation methods are coated towards the top of the presentation. As in all issues, “Security In Depth” is your pal, particularly since DNS decision paths span huge quantities of terrain which are exterior of your group’s management.


Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.