Nmap Development mailing list archives
[ncat] Thoughts about a --dns option?
From: Ron <ron () skullsecurity net>
Date: Sat, 14 Nov 2009 19:10:56 -0600
Hey all,

I was thinking of writing a "dnscat" program for the fun of it -- basically, a clone of netcat that, instead of going over a plain socket connection, sends all data through DNS. Then it occurred to me, could I just add a --dns option to Ncat, and leverage the infrastructure that others have built? I'm hoping it's possible, but, since I'm unfamiliar with the Ncat codebase, I was hoping to get opinions.

Basically, the simplest way to implement this is for the client to poll their DNS server with CNAME requests that contain both a sequence number and a piece of data (basically, 1-datagoeshere.example.com). The server would respond with acknowledgments for each sequence number, and possibly data of its own (like 1-responsegoeshere.example.com). A random value (nonce) would likely be required, too, to fix issues with caching.

I could see this being a very useful tool to communicate with a server (for example, a proxy server) in a situation where firewalls would normally prevent it. Not to mention transferring files, etc.

Any thoughts on adding this as a part of Ncat? I'd be happy to do the coding, provided nobody says that it'll require a ton of reworking. :)

Ron

--
Ron Bowes
http://www.skullsecurity.org/

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
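The query pattern sketched in the message above (sequence-numbered data labels sent as CNAME lookups under one zone) is also what a resolver-side detection can key on. The following is an added example, not part of the original post or of Ncat: the log format, the hex payload encoding, the separate nonce label, the last-two-labels zone grouping and the thresholds are all assumptions made for illustration.

```python
import re
from collections import defaultdict

# Constructed sample resolver log, "<client> <qtype> <qname>" (not real traffic).
SAMPLE_LOG = """\
10.0.0.5 A www.example.org
10.0.0.5 A mail.example.org
10.0.0.7 CNAME 1-68656c6c6f20776f726c64.a91f.tunnel.example.com
10.0.0.7 CNAME 2-2c207468697320697320.b07c.tunnel.example.com
10.0.0.7 CNAME 3-64617461206f76657220.c3d2.tunnel.example.com
10.0.0.7 CNAME 4-646e73207175657269.d88e.tunnel.example.com
10.0.0.7 CNAME 5-65732e0a.e410.tunnel.example.com
10.0.0.9 A cdn.example.net
"""

# Leftmost label shaped like "<sequence number>-<data>", as in the message.
SEQ_LABEL = re.compile(r"^(\d+)-([0-9a-z]+)$")

def find_tunnel_candidates(log_text, min_queries=4, min_cname_ratio=0.8):
    """Return one finding per (client, zone) whose queries look like a DNS data channel."""
    groups = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, qtype, qname = parts
        labels = qname.lower().rstrip(".").split(".")
        if len(labels) < 3:
            continue  # no subdomain label that could carry data
        # Assumption: zone = last two labels; production code should use the Public Suffix List.
        groups[(client, ".".join(labels[-2:]))].append((qtype.upper(), labels[0]))

    findings = []
    for (client, zone), queries in sorted(groups.items()):
        seqs = [int(m.group(1)) for _, lab in queries if (m := SEQ_LABEL.match(lab))]
        cname_ratio = sum(qt == "CNAME" for qt, _ in queries) / len(queries)
        # Many distinct sequence-numbered labels, mostly CNAME lookups, from one client.
        if len(set(seqs)) >= min_queries and cname_ratio >= min_cname_ratio:
            mean_len = sum(len(lab) for _, lab in queries) / len(queries)
            findings.append({"client": client, "zone": zone, "queries": len(queries),
                             "seq_labels": len(set(seqs)), "mean_label_len": round(mean_len, 1)})
    return findings

if __name__ == "__main__":
    for finding in find_tunnel_candidates(SAMPLE_LOG):
        print(finding)
```
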
Current thread:
- [ncat] Thoughts about a --dns option? Ron (Nov 14)
- Re: [ncat] Thoughts about a --dns option? David Fifield (Nov 26)
- Re: [ncat] Thoughts about a --dns option? Ron (Nov 26)
- Re: [ncat] Thoughts about a --dns option? David Fifield (Dec 27)
- Re: [ncat] Thoughts about a --dns option? Ron (Dec 27)
- Re: [ncat] Thoughts about a --dns option? Ron (Nov 26)
- Re: [ncat] Thoughts about a --dns option? David Fifield (Nov 26)