DNSteal

Tool and Usage

Project details
License: GPLv2
Programming language: Python
Latest release: 2.0

Project health

64
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

DNSteal allows you to extract files from a machine through DNS requests. This can be used to circumvent security measures and test them against data leakage. The tool supports compression and allows for multiple files to be transferred.

Usage and audience

DNSteal is commonly used for application security or data hiding. Target users for this tool are pentesters and security professionals.

Features

  • Command line interface

Example usage and output

___ _ _ ___ _ _
| \| \| / __| |_ ___ __ _| |
| |) | .` \__ \ _/ -_) _` | |
|___/|_|\_|___/\__\___\__,_|_|v2.0

-- https://github.com/m57/dnsteal.git --

Stealthy file extraction via DNS requests

Usage: python ./dnsteal.py [listen_address] [options]

Options:
-z Unzip incoming files.
-v Verbose output.
-h This help menu

Advanced:
-b Bytes to send per subdomain (default = 57, max=63)
-s Number of data subdomains per request (default = 4, ie. $data.$data.$data.$data.$filename)
-f Length reserved for filename per request (default = 17)

$ python ./dnsteal.py -z 127.0.0.1

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + More than 500 GitHub stars
  • + The source code of this software is available

Weaknesses

  • - No releases on GitHub available
  • - Full name of author is unknown

Installation

Supported operating systems

DNSteal is known to work on Linux.

DNSteal alternatives

Similar tools to DNSteal:

64

DET

DET is a proof of concept to perform data exfiltration using either single or multiple channels at the same time.

85

AIL framework

AIL is a framework to analyze potential information leaks from unstructured data sources. For example, this may include data from Pastebin and similar services.

85

GitMiner

GitMiner is a security tool to scan a Git repository for data leaks that may reveal sensitive information like authentication details.

Related tool information

Categories

This tool is categorized as a data exfiltration tool.